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Introduction 


With the release of AppleShare IP 5.0, Apple engineers took a basic 
product designed for small workgroups and gave it greatly 
expanded, world-reaching capabilities. AppleShare’s traditional 
file server application has been retained, but has been extended to 
provide service over the nonproprietary File Transfer Protocol 
(FTP), as well as a fast new hybrid, AppleTalk over TCP/IP (AFP/ 
TCP). The print spooler is there too, but it now manages more 
queues and printers. An integral Web server and email server are 
new to the product, along with a bundled DNS server. 


This book was written to provide AppleShare administrators with 
a comprehensive guide to deploying and managing the Apple- 
Share IP-based server. It covers a lot of information beyond the 
actual use of AppleShare IP, such as hardware configuration, net- 
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work design, and great third-party applications. As co-author of the now 
discontinued Apple Certified Server Engineer (ACSE) program, I know 
how useful that extra knowledge can be. 


In a sense, this book is an update to Managing AppleShare & Workgroup 
Servers written by myself and Dorian J. Cougias for AP PROFESSIONAL in 
1995. However, I wrote this to be a companion to the earlier book rather 
than a replacement, so the two cover different ranges of material. 
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The Evolution of 
AppleShare 


Although AppleShare IP is something almost completely new to 
the Mac OS, its history is long and venerable. As early as 1984, a 
group of Apple engineers—Rich Andrews in particular—produced 
the first Macintosh file server. Since then, AppleShare has steadily 
grown more sophisticated and robust. 
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APPLESHARE 1.X AND 2.X 


Early versions of AppleShare designed for System 6 were modest per- 
formers compared to what was to follow. Nevertheless, they were 
impressive for their time. These versions are no longer in use today. 


AppleShare 2.0.1 Limitations 


Connected users 

Open files 

Physical volumes 

Physical volume size 

File size 

Users in Users & Groups Data File 
Groups in Users & Groups Data File 


Group memberships per user 


APPLESHARE 3.X 


50 

160 

16 

2 Gbytes 
2 Gbytes 
2,000 
2,000 

16 


AppleShare 3.x was designed for the 68030 processor, which was used by 
such lovable Macintosh relics as the SE/30 and Ilci. In fact, it runs on any 
68K-based Macintosh, from the lowly MacPlus (68000 processor) to the 
Quadra 950 (68040 processor). It will also run on a PowerPC-based Mac- 
intosh, but has no ability to use the newer processor’s increased speed. 
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a RppleShere File Server 


Server : SMTIF/POP 
Zene : Public 


File Server Volumes: 


Shared Items: 


FIGURE 1-1: The AppleShare File Server interface, version 3. 


AppleShare 3.x is 32-bit clean, Virtual Memory compatible, and multi- 
tasking compliant. It requires System 7 or above and at least 4 Mbytes of 
RAM. Although old, 3.x is still in use today at many organizations. Its last 
maintenance release was version 3.0.3. 


AppleShare 3.0.3 Limitations 


Connected users 120 
Outstanding requests 15 

Open files 346 
Simultaneous launches 120 
Physical volumes 50 
Physical volume size 4 Gbytes 
File size 2 Gbytes 
Shared items 50 

Users in Users & Groups Data File 8,192 
Groups in Users & Groups Data File 8,192 


Group memberships per user 42 
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APPLESHARE 4.X 


While the differences between AppleShare 3.x /4.x and AppleShare IP are 
the most marked, several changes within AppleShare version 4 are worth 
noting. 


AppleShare 4.0.2 


AppleShare 4.0.2 is touted as being two to three times faster than Apple- 
Share 3.x. This was made possible through RAM caching, a technique 
that stores commonly used information in a server’s RAM before a client 
computer requests it. 


[X] tumber of Files te Cache: ................c.ceeeeeeee 
Cache Size for Each File: ............-..scscecseeeees K 


Total File Cache Size: ........0....c. cece een cnneeeens 


Total Available Memory: 
Total Cache Memory Size: .............. 


FIGURE 1-2: Setting the RAM cache in AppleShare File Server, version 4. 


Running under System 7.1 or higher, this version of AppleShare was 
designed to run on a 68040-based Macintosh, such as the Quadra 950. It 
requires at least 8 Mbytes of RAM. 
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AppleShare 4.0.2 Limitations 


Connected users 150 
Outstanding requests 30 

Open files | 346 
Simultaneous launches 150 
Physical volumes 50 
Physical volume size 4 Gbytes 
File size 2 Gbytes 
Shared items 50 

Users in Users & Groups Data File 8,192 
Groups in Users & Groups Data File 8,192 
Group memberships per user 42 


AppleShare 4.1 


Next came AppleShare 4.1, which boasts Finder operations about 75 per- 
cent faster than those of AppleShare 4.0.2 on a similar PowerPC-based 
Macintosh. It was designed for the Power Macintosh only and was bun- 
dled with the Apple Workgroup Server (AWS) line. 


AppleShare 4.1’s limitations are the same as those of AppleShare 4.0.2. 
Unlike its predecessor, however, it requires at least 16 Mbytes of RAM 
and System 7.5 or above. 


Beginning with System 7.5, the Mac OS began supporting volume sizes 
greater than 4 Gbytes. However, since AppleShare’s core AppleTalk Fil- 
ing Protocol (AFP) allows a maximum of 4 Gbytes, that continued to be 
the maximum size of an AppleShare volume. Also, the maximum num- 
ber of files that can reside on any Macintosh volume is limited to 65,536 
by the Mac OS’ Hierarchical File Structure (HFS). 
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AppleShare 4.2.1 


The last of this series was AppleShare 4.2.1, which supports multihom- 
ing—the ability to reside on more than one network simultaneously— 
and a far greater number of open files. Apple claims a performance 
increase of 111 percent for file transfers over AppleShare 4.1. Where the 
server hosts a multiuser database, a performance increase of 352 percent 


was reported. 


AppleShare 4.2.1 can be used with both NuBus- and PCI-based Power 
Macintosh computers and was made available separate from the Apple 
Workgroup Server. It runs under System 7.5.1 or above and requires at 


least 16 Mbytes of RAM. 


AppleShare 4.2.1 Limitations 


Connected users 

Outstanding requests 

Open files 

Simultaneous launches 

Physical volumes 

Physical volume size 

File size 

Shared items 

Users in Users & Groups Data File 
Groups in Users & Groups Data File 


Group memberships per user 


250 

64 

3,000 
150 

50 

4 Gbytes 
2 Gbytes 
100 
8,192 
8,192 

42 
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APPLESHARE PRO 


I would be remiss if I did not mention Apple’s experiment with running 
AppleShare on the kernel of its implementation of the UNIX operating 
system, A/UX. Called AppleShare Pro, this version showed significant 
performance increases. It required A/UX 3.1 and 16 Mbytes of RAM. 


AppleShare Pro Limitations 


Connected users 200 
Outstanding requests 50 

Open files 5,000 
Simultaneous launches 200 
Physical volumes 50 
Physical volume size 4 Gbytes 
File size 2 Gbytes 
Shared items 50 

Users in Users & Groups Data File 8,192 
Groups in Users & Groups Data File 8,192 
Group memberships per user 42 


Apple dropped this implementation soon after it was introduced. 
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APPLESHARE IP 


AppleShare IP can be run on many Macintosh and Mac OS-compatible 
computers, not just the Apple server line. It is the first version in which 
Apple expands its file services beyond AppleTalk to include the Inter- 
net’s TCP/IP, and it adds an email server and Web server to the product’s 
file server and print server offerings. 


Server Info 


“EG= AppleShere IP Web & File Server Connection Status: 
Ss AppleShere S Server 
AppleShare/TCP 
Default Zone: Public 
File Server vie TCP: On FTP: On 
Multihoming: On HTTP: On 


File Server Yolumes: 
MadDog 


Shared Items: Remote User Activity: 


1 1 
10% S08 1 
aa. —————] 


FIGURE 1-3: AppleShare File Server, version 5. 


The first version of AppleShare IP, version 5.0, requires System 7.6 and 
Open Transport 1.1.2, and is based on OpenDoc technology. Later ver- 
sions support Mac OS 8 and newer versions of Open Transport. It 
requires at least 32 Mbytes of RAM. 
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AppleShare IP 5.0 Limitations 


Connected users 250 
Unique open files 364 
Open files (all) 3,000 
Simultaneous launches 250 
Physical volumes 50 
Physical volume size 2 Tbytes 
Shared items 100 
Users in Users & Groups Data File 4,096 
Groups in Users & Groups Data File 4,096 
Group memberships per user 42 
Multihomed AppleTalk Ports 4 


As you will see in the coming chapters, AppleShare IP is the most radical 
update of the original Apple file server product. 


SUMMARY 


AppleShare was first developed in 1984. The first versions were modest 
but impressive for their time. AppleShare 3.x was the first version created 
for use with System 7 and is still used at some sites today. AppleShare 4.x 
increases performance dramatically through RAM caching and PowerPC- 
native code. 


AppleShare IP represents a radical upgrade to Apple’s previous server 
offering. It works over TCP/IP as well as AppleTalk and adds an email 
server and Web server to the product’s file server and print server offer- 
ings. 


The Macintosh 
Server 


When you examine the range of computers designated as servers, 
you find they can be separated into two types. There are “true” 
server machines, which function specifically to read and write data 
from storage media and pump that data out over a network as fast 
as possible. There are also less capable machines that were origi- 
nally designed to be desktop workstations but have been “souped 
up” with high-throughput hardware to help them behave like serv- 
ers. 


True servers are generally described in terms of how many users 
they can transfer data to and from concurrently and how fast they 
can do it. This is the high-end of the marketplace characterized by 
powerful hardware and complex software such as Novell’s Net- 
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Ware, Microsoft’s Windows NT Server, and IBM’s AIX (a version of 
UNIX). Apple’s AIX-based Network Server line is designed to fit this role. 


FIGURE 2-1: Apple’s true server: The Network Server. 


The Network Server 500 and 700 are truly impressive machines, specially 
designed to be fast and exceptionally fault tolerant. For example, their 
wheeled cabinets contain redundant tray-mounted hard drives. Should 
one crash, another comes on-line without interrupting file services. The 
drives are “hot-swapable,” meaning that they can be removed and 
replaced while the server is running. Apple created these servers to meet 
the needs of their most demanding publishing, education, and technol- 
ogy customers. 


The Network Server line, and all true servers, have a couple of draw- 
backs. First, they are more expensive than what many organizations can 
reasonably afford. Second, they are often difficult to work with. Even 
Apple, the ease-of-use king, would have to admit that its AIX-based Net- 
work Servers require expert administration. Another type of server is 
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needed to fit the so-called SOHO (for “Small Office Home Office”) mar- 
ket as well as smaller schools, publishing houses, and design firms. For 
this market AppleShare IP and the Apple Workgroup Servers were cre- 
ated. 


APPLE WORKGROUP SERVERS 


The Apple Workgroup Servers are Macintosh computers that have been 
beefed up with fast processors, cache cards, lots of RAM, and larger-than- 
normal storage media. They come in several configurations to meet most 
organizations’ budget and performance requirements. Perhaps best of all, 
they are based on the Mac OS and are bundled with easy-to-administer 
software such as AppleShare IP. 


The Apple Workgroup Server line has evolved through several genera- 
tions. At the time of this writing, the line includes the following special- 
ized Macintosh computers. 
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Workgroup Server 9650/350 


FIGURE 2-2: The AWS 9650. 


The top-of-the-line AWS 9650/350 is based on a 350-MHz PowerPC 604e 
processor. It ships with 64 Mbytes of RAM and can be upgraded to as 
much as 768 Mbytes. RAM is far faster than any storage device such as a 
hard drive. The more data you can load into RAM from a storage device, 
the faster your server will perform while giving out that data. 


The 9650/350’s 1-Mbyte Level-2 memory cache permits it to accept 
incoming data and queue outgoing data when received more quickly 
than a given Input/Output (I/O) device, such as a hard disk or the Net- 
work Interface Card (NIC), can process it. This significantly increases 
data throughput and server responsiveness. 
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The server is equipped with six high-speed PCI (Peripheral Component 
Interconnect) slots for expansion cards, such as modems or multiple 
NICs. It comes with two internal 4-Gbyte hard drives that can be mir- 
rored in a manner similar to that of the Network Servers. Data is trans- 
ferred from the hard drives to RAM via an Ultra/Wide SCSI-3 interface, 
which is capable of 40 Mbps throughput. In addition to this Small Com- 
puter System Interface (SCSI) bus, there are two more for further expan- 
sion. One is an internal Fast SCSI-2 bus capable of 10 Mbps throughput. 
The other is the traditional external SCSI-1 bus, capable of 5 Mbps 
throughput. The server also comes with an internal 24-speed CD-ROM 
drive. 


On the networking side, the server comes with an auto-switching 10- 
Mbps/100-Mbps Ethernet NIC, along with the Macintosh’s traditional 
built-in Ethernet and LocalTalk. Other networking topologies such as 
Fiber Distributed Data Interface (FDDI), Asynchronous Transfer Mode 
(ATM), and Token Ring can be supported by adding another PCI NIC. 


Workgroup Server 9650/233 


The AWS 9650/233 is a slight step down in price and capability. Its con- 
figuration includes: 

e a233-MHz PowerPC 604e processor 

e 64 Mbytes of RAM, expandable to 768 Mbytes 

e a512K Level-2 cache 

e six PCI expansion slots 


¢ one 4-Gbyte hard disk on the internal Ultra/Wide SCSI-3 bus. The 
Fast SCSI-2 internal bus and SCSI-1 external bus are here as well 


¢ an internal 12-speed CD-ROM drive 
e built-in Ethernet and LocalTalk 
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Workgroup Server 7350/180 


FIGURE 2-3: AWS 7350 and AWS 7250. 


Next in line is the AWS 7350/180, which is housed in a smaller desktop 
case than the 9650’s tower case. Although it resembles all of the other 
basic Macintosh computers that share its form, it is much more powerful 
than any of them. Its configuration includes: 


a 180-MHz PowerPC 604e processor 

48 Mbytes of RAM, expandable to 512 Mbytes 
a 256K Level-2 cache 

three PCI expansion slots 


an internal 4-Gbyte hard disk drive; one internal Fast SCSI-2 bus; and 
one external SCSIJ-1 bus 


an internal 12-speed CD-ROM drive 
built-in Ethernet and LocalTalk 
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Workgroup Server 7250/120 


The server designated as the entry-level machine shares the same case but 
has few of the same capabilities the AWS 7350 has. Its configuration 
includes: 


e a120-MHz PowerPC 601 processor 

e a256-Kbyte Level-2 cache 

e 16 Mbytes of RAM, expandable to 256 Mbytes 
e three PCI expansion slots 


¢ an internal 2-Gbyte hard disk drive on a SCSI-1 Direct Memory 
Access (DMA) bus that supports three internal and four external stor- 
age devices (although there is only room in the case for one more 
device) 


e an internal 8-speed CD-ROM drive 

e built-in Ethernet and LocalTalk 

Although this server is a wimp compared to its newer brethren, it is still 
formidable enough to meet the needs of many small and medium-sized 
workgroups. It is also equal to or better than earlier generations of the 


AWS, many of which can also be upgraded to run AppleShare IP and 
meet the needs of small workgroups. 


Earlier Generations 


The following computers are no longer sold by Apple, although if you 
have one, your investment need not be wasted. Several of them can run 
AppleShare IP, and several others can be upgraded to do so. 


Workgroup Server 9150 


The former king of the AWS hill was introduced in 1994. Its first configu- 
ration was based on a 80-MHz PowerPC 601 processor. This was later 
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upgraded with the introduction of the AWS 9150/120 with its 120-MHz 
PowerPC 601 processor. Both models will run AppleShare IP, but only 
the AWS 9150/120 is powerful enough to do it well. 


FIGURE 2-4: AWS 9150. 


The 9150’s configuration includes: 


e 16 Mbytes of RAM, expandable to 264 Mbytes 
¢ a1-Mbyte Level-2 cache 


e¢ four NuBus expansion slots—significantly slower than those of the 
PCI bus 


¢ one processor-direct slot (PDS) 


¢ one or two internal 1-Gbyte, 2-Gbyte, or 4-Gbyte hard drives (with 
space for up to five internal 3.5-inch half-height hard drives) 
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e aninternal DDS-2 Digital Audio Tape (DAT) drive 

° aninternal 4-speed CD-ROM drive 

e two SCSI-1 DMA buses, one internal and one external 
e built-in Ethernet and LocalTalk 


Workgroup Server 8550 


The AWS 8550/132 is based on a 132-MHz PowerPC 604 processor. It was 
later upgraded to the AWS 8550/200, which is based on the 200-MHz 
PowerPC 604e processor. Both are quite capable of running AppleShare 
IP. In fact, this book was written using AppleShare IP on an AWS 8550/ 
132. 


FIGURE 2-5: AWS 8550. 
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The 8550’s configuration includes: 


e 32 Mbytes of RAM, expandable to 512 Mbytes 

e a512K Level-2 cache 

e three PCI expansion slots 

e aninternal 2-Gbyte hard drive (with room for a storage device) 
e an internal 8-speed CD-ROM drive 

® aninternal DDS-2 DAT drive 

e two SCSI DMA buses 

e built-in Ethernet and LocalTalk 


Workgroup Server 8150 


The 8150 was introduced in 1994 and discontinued a year later. It is 
housed in a case similar to what was later used by the AWS 8550. Based 
on an 80-MHz 601 processor, the 8150 will also run AppleShare IP, 
although it would be best to keep its workload light. 


The 8150’s configuration includes: 


e 8 Mbytes of RAM, expandable to 264 Mbytes 

¢ aninternal SCSI 500-Mbyte or 1-Gbyte hard drive 
e three NuBus expansion slots and 1 PDS 

e built-in Ethernet and LocalTalk 


Workgroup Server 6150 


The 6150 uses a case affectionately referred to as the “pizza box.” It is 
based on a 66-MHz PowerPC 601 processor and will run AppleShare IP, 
although only under the lightest of workloads. If you have an AWS 6150, 
8150, or 9150, you will probably find that an upgrade is a good idea. 
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FIGURE 2-6: AWS 6150. 


The AWS 6150's configuration includes: 


e 16 Mbytes of RAM, expandable to 72 Mbytes 

e a256-Kbyte Level-2 cache 

¢ one NuBus expansion slot and one PDS 

¢ an internal 700-Mbyte hard drive, with room only for one 

¢ aninternal 4-speed CD-ROM drive 

e one SCSI bus supporting two internal and five external devices 
e built-in Ethernet and LocalTalk 


Workgroup Server 95 


The AWS 95 is an oddity. Introduced in 1993, it is not quite sure whether 
it should be a UNIX machine or a Macintosh. In fact, it is a Quadra 950 
based on a 66-MHz 68040 processor that runs A/UX, Apple’s now- 
discontinued version of UNIX. This machine will not run AppleShare IP. 


The AWS 95’s configuration includes: 


e 8 Mbytes of RAM, expandable to 256 Mbytes 

¢ an internal 230-Mbyte or 1-Gbyte SCSI hard disk 
e five NuBus slots and one PDS 

e built-in Ethernet and LocalTalk 


Although this was not a very successful Apple offering, it did portend the 
introduction of the Network Servers a few years later. 
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Workgroup Server 60 and 80 


Together with the AWS 95, the AWS 60 and AWS 80 launched the line in 
1993. They too are 68K machines (i.e., based on the Motorola 68040) and 
therefore incapable of running AppleShare IP. 


These machines no longer work as servers, but they might have some life 
left as desktop workstations. 


Building Your Own Server 


Although the AWS line was created to provide server-capable Macintosh 
computers at a reasonable price, there is nothing to stop you from creat- 
ing your server using Apple upgrade options, third-party hardware, and 
even Mac OS clones. If the server is to run AppleShare IP, however, it 
must meet the following minimum requirements: 


¢ a 601, 604, or 604e PowerPC processor (for AppleShare IP 5.0; later 
versions support additional processors) 

e 32 Mbytes of RAM 

e 10 Mbytes of RAM 

e aCD-ROM drive 


SUMMARY 


AppleShare IP and the Apple Workgroup Servers were designed for 
small and medium-sized networks. There have been several generations 
of AWS. Most of these servers can run AppleShare IP. 


Other Mac OS computers besides the AWS line can run AppleShare IP, so 
long as they meet the minimum system requirements. 


Installing the 
Macintosh Server 


Installing a new Macintosh server is best done in several steps. 
First, install any supplemental hardware to the CPU; this could 
include larger storage media, additional RAM, a backup DAT 
drive, or a cache card. Second, place the server in a secure location, 
perhaps a dedicated “server room” or some workroom or closet. 
Third, determine the best place to put the server on the LAN; this 
will most likely be on a network segment close to the majority of 
your users with the greatest bandwidth available to it. Fourth, 
install the AppleShare IP software; this is made simple by the 
AppleShare IP Easy Setup application. 


Upgrading a Macintosh server requires a couple of additional 
steps, primarily backing up the hard drive. When you have com- 
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pleted all the other steps, you may then restore users’ folders, files, and 
associated privileges from that backup. 


In the following pages I will assume that you are installing AppleShare IP 
on anew Macintosh server of a configuration similar to those I mentioned 
in Chapter 2. If you are upgrading an existing server, this information 
will still be valuable to you. I will add some information unique to your 
situation at the end of the chapter. 


BACKING UP THE HARD DRIVE 


If you are installing a new Macintosh server, it is a good idea to back up 
its hard drive prior to installing AppleShare IP. If you encounter a severe 
problem during the new software’s installation, this will permit you to 
restore the server machine to the state it was in before the attempted 
installation. Then you can determine the cause of the problem and try 
installing again. 


If you are upgrading a Macintosh server from AppleShare 3.x or 4.x, you 
must back up the hard drive before installing AppleShare IP. This will be 
a milestone backup, the purpose of which is to capture everything on the 
hard drive—system software, invisible files, application preferences, user 
folders, files, and privileges—before any major change is made to the 
server. Such a backup ensures that you can always return your server to 
its previous configuration if something goes wrong with new software or 
hardware. 


Backing up with Retrospect 


Here is how to perform a milestone backup using Dantz Development 
Corp.’s Retrospect and a Digital Audio Tape (DAT) drive, the most com- 
mon configuration for Apple servers. 
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Get a New DAT 


You may be restoring all of your server’s vital data from this backup, so 
you should take great pains to ensure that the recording will be free from 
errors. The best way to do this is to use a DAT that is “fresh.” 


Log off Users 


In order to preserve AppleShare’s privileges so that you can revert to 
them, you must back up the server while AppleShare is running. While 
the backup is being performed do not permit users to make changes to 
the server's volumes. The best way to guard against users inadvertently 
logging back on to the server after you have warned them to log off is to 
remove the server from the network by unplugging the patch cable from 
the wall. 


Prepare to Run the Backup 


To prepare Retrospect for this task, launch the application and press the 
Backup button under the Immediate tab in the Retrospect Directory win- 
dow. 


Back up files to a StorageSet™ 
Copy files to a StorageSet—e set of disks or tapes 


oo 2 — ee ca ee 


Restore files from a StorageSet 
Recreate e disk or retrieve files and folders 


Ma it nb sear mv adareerene WEte neem tet roe ah eter hitler eta Heat are Hety-tfetolrdpm tir © bt ee erties meee rer mcetwen Ene bey wearer ra ert it art ao d et hi frel ie tts MNP Ae OE hd 


Duplicate one volume to another Duplicate 
Make an identical copy of a desktop disk or folder 


the ke eeaue atime aed ntadadanbe edn nteeiaeeiacamenkaensaelaamadionmeta hs ohana eek enbaeiteddcatiohan tank chee onktihabaeanadaciekartenedioantataaisnitnteoanonnta bens akeiornketdsmnantena caeeetaicend 
Run 6 script now 
Or make e document thet runs a script when opened 
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This will open the Volume Selection window, in which you should high- 


light the server’s hard drive (under Local Desktop) and then press the 
OK button. 


Volume Selection 


e) Source Volumes for Backup... 
2-" (See the Volumes mend for more functions} 


v &3 Local Desktop 


b & Network Clients 
> @ Source Groups 


Now that Retrospect knows what you want to back up, create a StorageSet 
for it to back up to in the StorageSet Creation window. StorageSets are 
what Retrospect calls its backup sets. They may contain multiple volumes 
and span multiple storage media. Give the StorageSet a meaningful 
name; then press the New button. 


— eS Storageset Creal ——————E 


I) Creating a StorageSet... 
Z—— These creation options cannot be changed later : 


Storage type: | SCSI Tape Orives | $ | | SCSI Tape Orives | $ | Orives + (__Cancet_J 


For DAT, DLT, @mm, TEAC, OIC, DC2000, eto 
Data may span multiple tapes; 2 catalog és kept on the hard disk 


No Password/Enoryption specified 


Data Storage: Allow Hardwere Data Compression 
Used when avaflable, overriding software compression 


Name: jMilestone 4/10/94 id 


Used to name each tape in the StorageSet 


Once you have named the milestone backup StorageSet (e.g., “Milestone 
4/10/97”), Retrospect will create a catalog of its contents for later search 
and retrieval. Permit the creation of this catalog by pressing the Save but- 
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ton. It is best to save catalogs in the Retrospect folder, where they will be 
easy to find later. 


@ Retrospect 4.4 v 


[@Retrospect | [| Maddog 
|<? Retrospect Help 


StorageSet A rf 
StorageSet B = 


FS] Supported Devices 


Saving catalog for: 


Milestone 4/16/97 


Retrospect will ask you to verify your creation in the StorageSet Selection 
window. Just press the OK button here, which will complete your setup 
and take you to the Immediate Backup window. 


== torageset Selectin = 
Destination StorageSet for Backup... 
Ye) Choose ‘Create a StorageSet, or Mere... to use others [ox | 


O Juliana’s PB Backup 7/4/97 |*| 


0 Production Milestone 


( Tom's PB Milestone 


Run the Backup 


In the Immediate Backup window, verify that the server's hard drive is 
listed beside the Backing up button. The name of the new StorageSet 
should appear beside the To StorageSet button; “All Files” should be the 
criterion beside the Selecting button; and “Verification On” should be 
listed beside the Options button. If any of these settings are incorrect, use 
the buttons to reset them. You may then press the Backup button. 
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Immediate Backup 


Ready to Execute 
Verify your choices, then click Backup 


Backing up (cD Maddog 


Te SterageSet (_} Gi Milestone 4/10/97 
Selecting (_} All Fites 
Preview (_} click here to view or select files 


Options (__} Verification On 


Next, you will be asked for backup media. Make sure a new DAT is in the 
drive and then press the Proceed button. 


Milestone 4/16/9 


/~>, Please choose a new tape... I 
oe it will be named * 1-ftilestone 4/10/97 ” [ Proceed 
(about 1.2 6 remaining to store) 


Lnipty 


You will be able to watch Retrospect’s progress. 


0 === Immediate Seckup Sse 


If all goes well, you will be notified that the backup was successful. 
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Store the Backup Catalog and DAT 


While it is possible to create a catalog from DAT-based StorageSet, save 
yourself some time by saving the catalog Retrospect already created. 
Copy this file from the server’s hard drive onto a floppy diskette or net- 
work volume. 


Before installing the server, remove the DAT tape from the server’s tape 
drive and put it in a safe place. You now have the peace of mind of know- 
ing that should something go wrong in the following steps, such as the 
server’s hard drive crashing or the logic board being damaged, your 
users’ data will not be lost. 


If you do not have a DAT drive, you can use another type of storage 
device. Retrospect accepts a wide variety of removable media or another 
hard drive. If you do not have Retrospect, I strongly recommend that you 
get it. It is the best backup software on the market and is second in impor- 
tance only to AppleShare IP itself. I will discuss it further in later chap- 
ters. 
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Back up the Users & Groups Data File 


If you have neither backup software nor a backup drive and you are 
upgrading from AppleShare 3.x, 4.x, or Personal File Sharing, do not pro- 
ceed without at least backing up the “Users & Groups Data File” to a 
floppy diskette. This file contains all of the user, password, and privilege 
information. You will find it in the Preferences folder inside the System 
Folder on the Startup Disk. 


System Polder 
== Preferentes == 
D Mac OS Easy Open Preferences 
(1 MacsBuq Preferences 


of 


OCOUVULVOGVLCCCCGL 


(CD MacsBug Preferences folder 


[2 opendoe Prefs | Atleast back 
D PC Exchange Preferences a : 
DC Printing Prefs ae this Up: 


LD QuickTime Preferences 


(CD Retrospect a 
C1) Sound Preferences ss 
D TCP/IP Preferences oh 


b> © Timbuk - § 
OD Users & Groups Data Fite Backup 128K Be 
CD WindowShade Preferences bee 


d 
b 
b 
b 
b 
b 
b 


P 


foo 


ee eee Laraoodn 
5 Seas ide free CSB ar dale a Rat SUE EACE ta Bee Rg) GR ene Sweet SMe oe nee 


Unfortunately, this precaution will not permit you to back up Apple- 
Share’s Parallel Directory Structure (PDS) file, which is invisible. You 
would need this if you decided to revert back to an earlier version of 


AppleShare. 


If you want the details of server and workstation backups, including how 
to perform them over the network, pick up a copy of The Complete Guide to 
Mac Backup Management by Dorian J. Cougias and Tom Dell (AP PROFEs- 
SIONAL, 1995). 
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Note: If you plan to restore a backup of an AppleShare 3.x/4.x server to an 
AppleShare IP server, thereby migrating from one version to the other, make a 
note listing the exact names of all of the top-level shared folders. For example, if 
you made four folders on the server into shared volumes, you will need to record 
that. 


Se AppleShare File Server 


Server: AppleShare 3 Server 
Zone : Public 


File Server Volumes: 


Write these down. 


If you find this confusing, read Chapter 4 before continuing with the AppleShare 
IP installation. 


Are You Ready for a Rainy Day? 


Having been a network consultant for many years, one of the best pieces 
of advice I can give any server administrator is to get what I call a “Rainy 
Day Drive.” This is an external hard drive that gets a Macintosh server or 
workstation up and running quickly in the event of a system or hard disk 
crash. I recommend that you keep at least the following on it: 


e A “universal” system: a version of the Mac OS that will boot any 
Macintosh. You can install a universal system on an empty hard 
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drive using the Custom Install option. Make sure that your Rainy 
Day Drive’s system is always up to date. 


Custom Install Vv 


Check features to be installed 
Universal system for any supported computer 
CJ System for this computer 
CJ Minimum system for any supported computer 


> OF Assistance 


> FJ Compatibility 
> DO Mobility 
> £) Multimedia 
Disk space available: 1,949,152K Selected size: 40,879K 


Destination Disk 
Eject Disk 
aes [insta | 


¢ Mac OS installer disks and updaters. 


¢ The latest versions of Apple’s Disk First Aid, Apple HD SC Setup 
(SCSI), and/or Drive Setup (IDE). 


¢ Third-party device drivers. 


e Updaters for your organization’s common applications, especially 
those that are often affected by changes in the Mac OS (e.g., Connec- 
tix RAM Doubler and Speed Doubler, Symantec’s Norton Utilities, or 
anything else that makes changes to the directory structure or Finder 
operations). 


e The most recent version of Symantec’s Norton Utilities. Be aware that 
versions incompatible with the current Mac OS have been known to 
cause data loss. 


e Any other utility or diagnostic software that cannot be run from a 
Startup Disk. 


e Retrospect and its catalog files. 
e Santorini’s Server Tools and Server Manager. 


¢ <A SimpleText file containing your essential registration codes and 
passwords, particularly the registration number and Admin code for 
AppleShare. 
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e Any file encryption/decryption utilities being used at your organiza- 
tion (Kent Marsh’s FolderBolt, UsrEZ Software’s UltraShield, etc.). 


INSTALLING ADDITIONAL HARDWARE 


To make the Macintosh running AppleShare IP into a server-class 
machine, you may need to add RAM, expansion boards, and additional 
storage devices. Here is how you go about it. 


FIGURE 3-1: View of an open Apple Workgroup Server 7250. (1) PCI bus. (2) 
RAM bus. (3) Housing for power supply, CD-ROM drive, and hard disk. 
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RAM 


AppleShare IP will run under 32 Mbytes of RAM, but 48 Mbytes is the 
preferred minimum under which to run all of AppleShare IP’s compo- 
nents. If you purchased the base model Apple Workgroup Server 7350 or 
Apple Workgroup Server 9650, you already have that. If you have an 
older Apple Workgroup Server, however, you might need to add addi- 
tional RAM or use Virtual Memory (plus 32 Mbytes of real RAM). I recom- 
mend that whatever Macintosh you use should have no less than 48 
Mbytes of RAM installed. If you plan to use third-party applications such 
as Retrospect or Santorini’s Server Manager and Server Tools on the 
server Macintosh, you should install still more RAM. 


If you are not sure how much RAM the designated server Macintosh 
already has, find out by choosing About This Computer under the Apple 
(#) menu bar item. 


= About This Computer 


in 


Mac OS computer — 
* 4 


One alternative to adding more physical RAM is to enable Virtual Mem- 
ory. This can be done using the Memory control panel. 
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pa Fi 


Select Hard Disk : 


&— Macintosh HD ¢ 


Available on disk: 140M 
Available built-in memory: 16M 


After restart [20m] zon 15} 


Percent of available memory 
to use for a RAM disk: 


0% S30 100% 


RAM Disk Size 
Use Defaults 


When engaged, Virtual Memory uses hard drive space to increase a sys- 
tem’s usable RAM. 


About This Computer 


Cl Virtual al Hmery: 24.5 MB eon Macintosh HD 


™ & © Apple Computer, Inc. 1983-1997 


However, because Virtual Memory is much slower than physical RAM it 
cannot be considered an equal substitute. 


Apple Workgroup Servers and other Mac OS computers use Dynamic 
Random Access Memory (DRAM) chips in their RAM configurations. 


Second-generation (PowerPC-based) Apple Workgroup Servers 6150, 
8150, and 9150 have 8 Mbytes of RAM soldered directly on their logic 
boards. Their RAM configurations can be expanded with 72-pin Single 
Inline Memory Modules (SIMMs) of 80ns speeds or better in pairs of 4, 8, 
16, or 32 Mbytes each. There are two SIMM slots in the Apple Workgroup 
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Server 6150 and eight in the 8150 and 9150. The 6150 can be upgraded toa 
total of 72 Mbytes of RAM; the 8150, to 256 Mbytes; and the 9150, to 264 
Mbytes. 


Third-generation Apple Workgroup Servers 7250 and 8550 have no RAM 
soldered directly on their logic boards. Their RAM configurations can be 
expanded with 168-pin Double Inline Memory Modules (DIMMs) of 70ns 
speeds or better in pairs of 4, 8, 16, 32, or 64 Mbytes each. There are four 
DIMM slots in the Apple Workgroup Server 7250 and eight in the 8550. 
The 7250 can be upgraded to a total of 256 Mbytes of RAM; the 8550, to 
512 Mbytes. 


Installing RAM Modules 


Here are the steps to adding RAM to a Macintosh. (Apple recommends 
that this be done by Apple-authorized dealers only.) 


Unplug the computer and get grounded. Make sure to dis- 
charge any static electricity that might be on your body by placing your 
hand on the power supply (see Figure 3-1). Better still, use a grounding 
strap that attaches between the power supply and your wrist. These 
straps often come with the memory modules you buy. Static electricity 
can ruin computer circuitry and give you a nasty shock. 


Remove old memory modules. You might have to remove old 
memory modules to make room for new ones. For instance, to bring an 
Apple Workgroup Server 6150 up to 40 Mbytes you need to remove the 
two 8-Mbyte SIMMs already in it to make room for two 16-Mbyte SIMMs. 
Do this by placing your thumbs and forefingers at both ends of the mem- 
ory module. Use your forefingers to release the locking tabs and your 
thumbs to tilt the SIMM back and out of the RAM bus. Always handle 
memory modules by the edges. 


Install new memory modules. Perform the last step in reverse to 
do this. Place the memory module in the RAM bus and make sure the 
pins in the bus line up with the metallic tabs on the memory module. 
Next, place your thumbs and forefingers at both ends of the memory 
module and press the module into the bus at an angle. With your forefin- 
gers applying an even pressure, use your thumbs to press the memory 
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module forward into the RAM bus. When properly aligned, the locking 
tabs will snap into place. This requires very little force, so if you have to 
push hard the memory module is probably misaligned. Be careful—they 
break easily. 


Verify the upgrade. Boot up the Macintosh and select About This 
Computer under the Apple (@) menu bar item to confirm that the Mac 
OS is addressing the new RAM. 


Expansion Boards 


Peripheral expansion boards can be added to the Macintosh’s logic board 
through its NuBus slots, Processor-Direct Slots (PDS), or PCI (Peripheral 
Component Interconnect) slots. Such peripherals include network inter- 
face cards, graphics accelerator cards, modems, and high-speed I/O 
cards. 


The Apple Workgroup Server 6150 has one PDS slot that can be fitted 
with an adapter to support NuBus cards up to seven inches long. The 
8150 has one PDS slot and three NuBus slots; the 9150 has one PDS slot 
and four NuBus slots. 


Apple Workgroup Servers 7250, 8550, and later abandon the NuBus inter- 
face in favor of three PCI slots (see Figure 3-1). The Apple Network Serv- 
ers and most third-party Mac OS machines use the faster PCI as well. 


Installing Expansion Boards 
Here is how to add an expansion board. 


Unplug the computer and get grounded. Discharge static elec- 
tricity by placing your hand on the power supply or employing a ground- 
ing strap. 


Open the case. The procedure for opening the cases on various 
Macintosh computers varies, but they are usually straightforward. Con- 
sult the Apple manual if you need to. 
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Choose a bus slot. Decide which bus slot you will place the expan- 
sion board in, then remove its protective plate from the back of the 
machine. Do not lose the screw! 


Plug in the expansion board. Hold the expansion board by the 
edges and hook the metal tab that sticks up on the back of the card under 
the small bracket on the computer’s case by turning the card slightly. 
Next, tilt the board until it settles firmly into the bus slot. It should 
require only moderate pressure. Do not force it. 


If the expansion board has a hole for this purpose, use the screw that you 
took from the bus slot’s protective plate to secure the card. 


Verify the upgrade. Boot up the Macintosh. If it does not immedi- 
ately crash, the installation is probably successful. Install any software 
driver that came with the expansion board and test its workings. 


Storage Devices 


S 


Storage devices and other peripherals can be added to the Macintosh 
using Apple’s standard Small Computer System Interface (SCSI) port. 
These include hard drives, CD-ROM drives, removable media drives 
(SyQuest, Zip, Jaz, etc.), DAT drives, scanners, and some printers. You 
will find this 25-pin female port on the back of the Macintosh labeled 
with an icon that looks somewhat like a “G,” like the picture to the left. 


SCSI peripheral devices usually have a couple of 50-pin Centronics 
female ports on the back of them, although they may also have a 25-pin 
female port (e.g., Zip drive). Peripherals can be daisy-chained together 
using SCSI cabling to form a SCSI chain. 


Most Macintoshes can have a total of seven devices supported by their 
SCSI chains, although the number varies with the type of Macintosh the 
chain is attached to. Usually the internal hard drive and CD-ROM drive 
will use two positions, leaving you with five more. The Apple Work- 
group Server 7250, for instance, has a single Direct Memory Access 
(DMA) bus that supports four external devices and three internal devices. 
The Apple Workgroup Servers 8150 and 9150 have two SCSI buses and 
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can support as many as 14 SCSI devices—seven on each bus. The 8550 
also has two SCSI DMA buses and supports eight devices. 


Each device on a SCSI chain must have a unique number, referred to as a 
SCSI ID. This number, from zero to seven, determines the order in which 
devices are allowed to send data across the SCSI bus. Higher numbers 
have higher priority. SCSI address numbers never include floppy disk 
drives. The default SCSI IDs are: 


0—Commonly used for the internal hard drive 

2—External Apple CD-ROM drives 

3—Internal Apple CD-ROM drives 

5—Apple scanners 

7—The Macintosh logic board 
Each SCSI chain ends with a SCSI terminator, which can be either an inter- 
nal resister or an external plug that is inserted into the last port of the last 
device on the chain. The terminator is designed to reduce interference on 


the SCSI chain, caused when signals echo or reflect from the end back 
down the electronic path formed by the chain. ; 


Termination is important. A bad signal produced anywhere along the 
SCSI chain can cause the server to crash. Improper termination can result 
in devices not being recognized by the Macintosh at all. 


SCSI terminators come in three types: 


External Terminator Plugs 


These are palm-sized hardware plugs of three designs: 
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The first type has a 50-pin female port on one side and a 50-pin male port 
on the other side. It is placed between one of an external device's 50-pin 
Centronics ports and the end of a SCSI cable. 


The second type has a single 50-pin male port that plugs into either of a 
device’s two Centronics ports. 


The third type can be either of the two previously mentioned types but is 
black plastic instead of the traditional gray. This rarity is used in connect- 
ing external hard drives to the old Macintosh IIfx and to the LaserWriter 
lif, Ig, and Pro 630, and is designed to compensate for differences in 
these machine’s controller chips. It should not be used with any other 
type of Macintosh. 


Internal Terminators 


These are removable resister packs placed on the SCSI device itself. On- 
device terminators need to be removed if you add a second device to 
your server. Some drives have soldered, nonremovable resistors that are 
enabled or disabled with a jumper. When you remove a terminator take 
careful note of its orientation. Most are polarized and will not work if you 
reinsert them a different way. 
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Switched Terminators 


Many peripheral vendors provide a simple termination on/off switch, 
sometimes accompanied by an LED. 


Installing Storage Devices 


Here is how to install a chain of SCSI devices on an Apple Workgroup 
Server. 


Turn off the computer. Make sure the server and all of its periph- 
eral devices are turned off. 


Set the SCSI ID switches. Use the switch on the SCSI devices to 
give each one a unique number. These switches vary with the device 
manufacturer, but will usually be a thumb wheel, a toggle switch, DIP 
switches, or software. The logic board is always at SCSI ID 7, having the 
highest priority. The first internal hard drive is usually at SCSI ID 0. If 
there is another internal device such as a DAT or CD-ROM drive already 
installed and you do not know its SCSI ID, you will need a software util- 
ity to determine its address. The best known utility for this is the freeware 
SCSIProbe control panel. 


Displays message 
when there is a 
termination problem 


Hard Drive 
DAT Drive 
CD-ROM Drive 
Logic Board 


SCSIPro * 


be ~ 
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You must avoid duplication. If two devices have the same SCSI ID, the 
resulting confusion will cause startup problems and can lead to data loss. 


SCSIProbe will also tell you when the SCSI chain is improperly termi- 
nated. 


By the way, the best SCSI ID for your “Rainy Day Drive” is “6” because it 
is seldom used by other devices and takes priority if no other Startup 
Disk is specified. 


Connect SCSI cables. SCSI cabling comes in several types. A sys- 
tem cable has a 25-pin male connector at the computer’s end and a 50-pin 
male connector at the SCSI device end. The peripheral interface cable has a 
50-pin male connector at both ends. A cable extender has a 50-pin male 
connector at one end and a 50-pin female connector at the other. 


There are a few things to avoid when hooking up these cables. First, you 
should not use more than 20 feet of cable, because the signal deteriorates 
beyond that length. Cables of between 18 and 24 inches are best. Second, 
you should always use the metal clamps and screws on the cables to 
maintain a tight connection. Finally, always use high-quality cables and 
do not mix brands as each may have different impedance characteristics, 
and changes in impedance cause reflections that interfere with the signal. 


Terminate the SCSI chain. _ The SCSI chain begins with the Macin- 
tosh’s internal hard drive and ends with the external device furthest 
down on the SCSI chain. Only terminate the first and the last devices on 
the SCSI chain. 


If you have problems, there are some exceptions to the SCSI chain rules 
you might try. If the total cable length between all devices in the SCSI 
chain is 18 inches or less, you might need to terminate just one end. If the 
total cable length between all devices in the SCSI chain is greater than 10 
feet, you might need to terminate it at both ends and at the 10-foot point. 


The Apple Workgroup Servers can have problems if used with devices 
that supply termination power to their internal SCSI buses. Any drives 
which are attached to this bus should be configured with such features 
disabled. 


Power the SCSI chain. You should power SCSI devices starting 
from the last device on the SCSI chain and working your way back to the 
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server. It is also best to power up all devices, even when you do not plan 
to use them all. Never turn off a SCSI device while the server is on. 


Standardize SCSI drivers. Each storage device you add to the 
server's internal drive should use the same SCSI driver. Driver-level con- 
flicts caused by devices from several vendors can destroy data. More 
important, make sure the SCSI driver you choose is current and compati- 
ble with your Mac OS version. In general, you should use the SCSI driver 
that ships with the Mac OS and is installed and/or updated using the 
Apple HD SC Setup application or Drive Setup application. 


Installs SCS! driver 
and erases disk 


et Apple HD SC Setup v7.3 
eo ! ee Installs SCSI driver 
oe, | hewtt: 0 
: ! 3 


i 


Apple HD SC Setup \ The volume name is Mad Dog 


FIGURE 3-2: Using Apple HD SC Setup. 


Uniquely name the hard drives. A new Macintosh computer's 
hard drive is named “Macintosh HD.” A newly formatted Macintosh 
computer’s hard drive is named “untitled.” You should choose more 
original and descriptive names for all hard disks installed on your Macin- 
tosh server because, should you decide to share an entire drive on the 
network, this is the name that users will see when they log in through the 
Chooser. In the illustration below, for example, “Mac OS 7.6” is a CD- 
ROM while “Mad Dog” is a hard drive. (“Mad Dog” was one of Apple- 
Share IP’s pre-release code names.) 
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a AppleShare 5 Server 
Select the items you want to use: 


Mac 0S 7.6 
MadDog 


Checked items ( K] ) will be opened at 
system startup time. 


Uniquely naming the hard drives will help to prevent confusion and is 
especially helpful when users create server volume aliases. They cannot 
have two aliases called “Macintosh HD alias” even if each represents a 
hard drive on a different server. 


A disk name can have a maximum of 27 characters and cannot contain a 
colon or begin with a period. It should not contain any special characters 
or spaces if the server will be using FTP, since some FTP clients have 
trouble with these. For that reason, “Mad Dog” should become “Mad- 
Dog.” 


FINDING A PLACE FOR YOUR SERVER 


Your AppleShare IP server will probably be the most important single 
piece of equipment in your office. Just think what would happen if the 
hardware were destroyed or stolen while in operation. For many admin- 
istrators, this would mean the loss of files, Web server, mail server, and 
back-up drive all at once! 
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FIGURE 3-3: A great example of a server room can be found at Chartwell 
Partners International in San Francisco, under the care of Sheryl Coryell. It is 
spacious, clean, cool, earthquake resistant, and secure from intruders. 


Because of its importance, your server should be in a place that is as 
secure as possible. The best place is a dedicated “server room,” but other 
locations may do equally well if they meet the following criteria: 


1. The location should contain a strong and stable shelf or table on which 
to place the server. The server should then be held down with special- 
ly designed clamps or even bungie cords to prevent its being easily 
stolen, knocked over by a passerby, or shaken off by an earthquake. 
Do not put the server on the floor, especially if the floor may be vul- 
nerable to flooding. 


I recommend that you use one of the specially constructed racks 
available for storing servers compactly and securely. Find one on 
wheels so that you can move it around and get behind the server 
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when you need to attach and detach cables. In addition, use the spe- 
cially designed Macintosh security products (from Kensington, 
among others) to lock your server down. If space is a problem and 
you have multiple servers, try a peripheral switch box that permits 
multiple servers to share one monitor and keyboard. 


FIGURE 3-4: Bracing for disaster. 


2. The location should be insulated from extremes of temperature and 
humidity. Most computers are designed to operate in temperatures 
between 50 and 95 degrees Fahrenheit and a relative humidity 
between 20 and 80 percent. If you cannot control the environment of 
the entire room, there are several specially designed server closets on 
the market that have their own built-in environmental controls. 


3. The location should have an adequate and reliable power supply. 
You will not want to put your server next to a large copier or laser 
printer, or any other device likely to draw excessive power on the 
same circuit. In addition, always install an Uninterruptible Power 
Supply (UPS) to ensure that your server gets neither too much nor 
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too little power. Either situation can damage a computer. A UPS also 
keeps the server running long enough during a power outage so that 
you can shut it down gracefully. 


4. The location should not be near an electromagnetic field source. 
Large appliances in particular emit electromagnetic radiation that 
interferes with cabling signals and magnetic media. Do not put the 
server next to an air conditioning unit, refrigerator, elevator, etc. 


5. The location should be clean. Dust can accumulate inside the 
machine and eventually cause electrical shorts and even fires. Ciga- 
rette smoke also damages computers. 


6. The location should be locked. At the very least, it should be inacces- 
sible to the general public. Be wary of outsiders who may attempt to 
snoop or even steal the server to obtain its data. Do not leave backup 
tapes lying about either. Stealing a backup tape is even easier than 
stealing a poorly guarded server. (If you use Retrospect, employ its 
data encryption feature to make stolen tapes worthless to the thief.) 
Finally, use a screen saver utility that locks the screen and keyboard 
under a password after a certain amount of idle time has elapsed. 


If you are particularly concerned about unauthorized persons gaining 
access to sensitive data on your server, you can manage it as a “headless” 
machine. Under this scenario, you remove the server’s monitor, key- 
board, and mouse so that it cannot be controlled locally. You can then use 
remote management utilities to control the server over its network con- 
nection. 


Perhaps the single most useful remote access utility is Timbuktu Pro from 
Farallon Computing, Inc. With this application you can open a window 
on your computer that displays the screen of the remote server. You can 
use your computer's keyboard and mouse to control the server over the 
network just as you would if you were standing in front of it. 
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@ File Edit Setup Service Windows Z Zod 
- . en — fippleShare 4 Setuer “oy: 
Controlling Macintosh % flle Et Server 
Pe Volume info Ee: 
Remote Server 7 AppieShere File Server | 


Server: AppleShare 3 Server 
Zene : Public 


File Server Volumes: 


Shared Items: 


Pub 
Projects 
< Library 
Timbuktu Pro rama 
Business 


FIGURE 3-5: Controlling a server with Farallon’s Timbuktu Pro. 


Timbuktu Pro works over TCP/IP and ARA as well as AppleTalk and 
Novell NetWare, so it can be used to control servers from great distances. 


In addition to Timbuktu Pro, which gives you remote access to the server 
Macintosh’s functions, another powerful utility is Santorini Consulting & 
Design, Inc.’s Server Manager, which gives you remote access to all of the 
functions of AppleShare. This application is the subject of Chapter 9. 


CONNECTING THE SERVER TO THE 
NETWORK 


As important a decision as where to locate the server Macintosh in a 
building is where on the LAN it should be placed. To do this, you will 
need to know something about your network’s design. 
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Connecting the Server to a Network 


Figure 3-6 displays a typical internetwork, which is defined as multiple 
network segments connected by routers. Networks can be segmented to 
reduce overall traffic as the number of computers they support increases. 
A Macintosh on Segment B does not need to “hear” the interaction 
between two Macintosh computers on Segment A. Thanks to the router, it 
will not. The router only permits traffic that is destined for a Macintosh 
on Segment B to pass to Segment B. 


LocalTalk Ethernet — 
Segment A | 25 Users ty Segment B on 


= AppleShare IP 5.0 
Ethemet Fast Ethernet 
Segment C Segment D 


35 Users .s 


50 Users 
| LocalTalk 


Segment E 


25 Users 


FIGURE 3-6: AppleShare IP server placement. 


In Figure 3-6 I have chosen to place the AppleShare IP server on the Fast 
Ethernet Segment D for two reasons. First, this segment has both the 
greatest number of users and the highest available bandwidth (100 
Mbps). Second, it is in the middle of the internetwork, with no one seg- 
ment being more than two router hops away from the server. 


I might have put the server on Ethernet Segment C, which is also in the 
middle of the internetwork. However, this is a 10-Mbps segment, so there 
is not as much bandwidth available to AppleShare IP and its clients here. 
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I would not put the server on Ethernet Segment B because it would be 
resident on a slower segment and would also be three router hops away 
from the LocalTalk segments. I would absolutely not put the server on 
either LocalTalk segment. It would then be three hops away from some of 
the other network segments and on a cabling scheme that is 44 times 
slower than already slow 10-Mbps Ethernet! 


If you do not have routers on your network, this point is largely moot. If 
you do them but are uncertain about the network’s overall design, you 
can use a specialized application from Neon Software, Inc., called LAN- 
surveyor to draw a logical map of all the devices and segments on your 
LAN. This application makes planning service deployment easier and is 
invaluable in network troubleshooting. 


SSS untitled 


LANsurveyor® 


| a) | 
AISSs AppleShare 5 Server 
300.65 


503.42 Ethernet Segment 


Juliana’s PowerBook 
503.150 


"556-510 =. 
i 
— $ PowerBo 
FF | 506.214 j 


Router 


Server 


(ROUTER! 
<Unknown> 


AkpleShare 3 Servgr 
500.150 502.22 


LocalTalk Segment 


. ee 
100 


oe a 


FIGURE 3-7: Mapping your network with LANsurveyor. 


If you find yourself asking “What is a segment?,” “What is a router?,” or 
“What is a hop?,” I recommend that you buy a copy of Designing Apple- 
Talk Network Architectures by Dorian J. Cougias, Tom Dell, and E. L. 
Heiberger (AP PROFESSIONAL, 1996). 
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Connecting the Server to Multiple Networks 


The server deployment method I have just described uses conventional 
wisdom. Since the advent of AppleShare 4.2, however, another option has 
become available with the introduction of multihoming. 


Using multihoming, a server can provide AppleShare service to as many 
as four network segments from a single server. In Figure 3-8, I show an 
AppleShare IP server configured to do this with one network segment 
connected through its built-in Ethernet port, another connected through 
its built-in LocalTalk port (e.g., the Printer port or the Modem port), and 
two more segments of different types (Fast Ethernet and Fiber Distrib- 
uted Data Interface, or FDDI) connected through network interface 
expansion cards. Macintosh clients on all four segments are thus able to 
log in to the AppleShare IP Web & File Server. 


| LocalTalk Ethernet 
jam segmentA Segment B | — 
25 Users 25 Users 


| a 
= AppleShare IP 5.0 
ie. Server 


| FDDI Fast Ethernet | 
Segment C Segment D 
= 
50 Users so — 
50 Users 


FIGURE 3-8: AppleShare IP server placement for multihoming. 


As with routers, multihoming can reduce overall network traffic by dis- 
tributing it across multiple network segments. It can therefore signifi- 
cantly increase the speed with which clients interact with the server. 
Unlike with routers, however, users on the different network segments 
cannot access each other’s Macintosh computers for Personal File Sharing 
or use each other’s networked printers. 
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A router may also act as a firewall, which blocks certain types of traffic 
between networks and/or network segments. Most commonly it is used 
to block Internet users from accessing services on a LAN while permit- 
ting them to access a Web server. If a firewall is part of your network 
design and you will be using AppleShare IP Web & File Server to share 
information with Internet users, other factors come into play with regard 
to server placement. These will be discussed later. 


Multihoming has some limitations as currently implemented. It is only 
supported on PCI-based, not NuBus-based, Macintosh computers. In 
addition, it works only with AppleTalk, not TCP/IP. 


INSTALLING APPLESHARE IP 


AppleShare IP requires System 7.6 or later and Open Transport 1.1.2 or 
above. Make sure that your server Macintosh meets these requirements 
before you proceed. You can determine which version of the Mac OS 
your computer is using by looking in the About This Computer window. 


Built-in Memory: 40,960K Largest Unused Sleck: 52,729K 
Total Memory: 81 ,920K 


If you do not have System 7.6 or later running on the server Macintosh, 
you will need to install it in a new System Folder. This is called a “clean 
install” because it uses none of the components of the old System Folder. 
Use the Options button in the Mac OS Installer application’s Software 
Installation window to specify a clean installation. 
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Software Installation 


| ) Create new System Folder (clean installation) 


instalis a new System Folder instead of updating the current one. The old 
System Folder will be saved, but you will need to reinstall non-system 
extensions and contro] panels. For more information, see your installation 
manual. 


CO Open Transport PPP 1.0 Will not be installed 
CJ English Text-To-Speech 1.5 Will not be instatied 
CFD QuickDraw GH 1.1.5 Will not be installed 


After rebooting the Macintosh, restore the Users & Groups Data File from 
your backup. 


You can find out which version of Open Transport the Macintosh is run- 
ning by selecting the AppleTalk control panel inside the Control Panels 
folder of the System Folder, and then choosing the Get Info command 
under the File menu bar item. 


System Folder = 
Control Pa 


vv vv 


2 Macintosh HD: System Folder : 
Control Panels : 


Fri, Jan 19, 1996, 12:00 PM 
2 Fri, Jan 19, 1996, 12:00 PM 
21.1, © Apple Computer , inc. 

1991-1996 


b 


BeCeEePRCCc 


If you must upgrade from an earlier version of Open Transport, first copy 
down any settings that are in the TCP/IP control panel. The easiest way 
to do this is to open the TCP/IP control panel and then press the shift- 
command-4 key combination while the caps lock key is down to take a 
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snapshot of it. This file, saved as “Picture 1,” can later be opened using 
SimpleText. 


he 
P Address: 
Picture 1 bi paasks 


Router address: 


Before you run the AppleShare IP installer on a new Macintosh server, 
you must configure your computer’s Sharing Setup, AppleTalk, and 
TCP/IP control panels. If you are upgrading from AppleShare 3.x. or 4.x, 
or from Personal File Sharing, these steps may have been done already. 
You may skip ahead to installing the software. 


If You Are Upgrading AppleShare 


When you upgrade from an earlier version of AppleShare, your user and 
group accounts are retained and their access privileges are converted to 
new AppleShare IP access privileges. In some cases the old and new priv- 
ileges are not compatible, in which case AppleShare will translate the old 
privileges to the closest match that provides the most security. 


Before you upgrade, it is a good idea to generate a File Server Report 
from AppleShare 3.x or 4.x so that you will have something to work with 
if problems arise during the translation. Do this by choosing the File 
Server Report command under the Server menu bar item in AppleShare 
Admin. 
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Please select the report you went: 


@ File Server Summary (users, groups) 


© Complete Report (also volume space used) 
(This may take several minutes) 


In the dialog box that opens, choose the File Server Summary button; 
then press the OK button. AppleShare Admin will create a text file con- 
taining user, group, and privilege information. 


= File Server Summary 


Tuesday, April 15, 1997 
9:45:56 AM 


Server: AppleShare 3 Server 
Administrator: Admin 


Volumes: 
Mac licx HD 374,408K used, 136,184K available (Startup Volume) & 
Registered Users: 


<Any User> (Enabled: Login) 


Admin (Enabled: Login, All Privileges, Change Password) 
Primery Group: 
Groups: Menagement 


Aidan Dunne (Enabled: Login, Change Password) 
Primary Group: 
Groups: Associates 


FIGURE 3-9: AppleShare 3.x/4.x File Server Summary. 


When you upgrade from a previous version of AppleShare Print Server, 
its setup is not retained. You will have to re-create its print queues. 


When you upgrade from Personal File Sharing, user and group accounts 
are retained but new access privileges must be set. 
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If you need to restore an AppleShare 3.x or 4.x server from a Retrospect 
backup, or if you are migrating files from an older Macintosh to a new 
server, refer to the Special Circumstances section at the end of this chapter. 


Configure the Sharing Setup 


In the Owner Name of the Sharing Setup control panel, type your name. 
If others besides you will manage this server, you might use a generic 
name to represent an Administrator’s account, such as “Admin.” 


Network Identity 


Ovner Nome: [Admin —*d 
Ovner Password: [eens] 
Computer Name: fAppleShare 5 Server 


a File Sharing off 
Status 


xe Start to turn on file shering. This allows other 


users to access shared folders. 


ng off 
Stetua 


® Program Linki 
| 


Click Start to turn on program linking. This allows other 
users to link to shered programs. 


Type a password in the Owner Password field. It can be up to eight char- 
acters long and is case-sensitive. 


Finally, type a name for the server in the Computer Name field (e.g., 
“AppleShare 5 Server”). It can be up to 31 characters long and must not 
contain a colon. It must also be different from any other AppleTalk ser- 
vice on your network or there will be addressing conflicts when users try 
to select it in the Chooser. 


AppleShare IP will use the information you entered here. It can be 
changed thereafter with the AppleShare IP Web & File Admin program. 
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Configure AppleTalk 


To configure AppleTalk on the server Macintosh, open the AppleTalk 
control panel. Here, choose the interface type for the network on which 
you wish to make AppleShare available. To do this, go to the Connect via 
pop-up menu. If your network has routers, choose the zone in which the 
server should appear (if there are any) in the Current zone pop-up menu. 


Do not confuse network zones with the network segments I mentioned 
earlier. Multiple zones can exist on any given segment, depending on 
how your network was designed and your routers were set up. They are 
used to logically group AppleTalk devices in the Chooser for users’ con- 
venience. You might have an “Ethernet” zone and a “LocalTalk” zone, for 
instance. You might have zones for various floors in your building or for 
different departments. When there are many devices on the LAN, zones 
make them easier to locate. 


LocalTalk 


Management 
Marketing 
Production 
Public 
Remote Access 1 
Training @ Active 

alba bal @ Inactive 76.0 
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If you do not have a router on your network, you will not have zones. 
You may have them if you do have a router. 


If you have a PCI-based Macintosh server, you can make it appear in as 
many as four different zones at the same time by using multihoming. If 
you want to do this, refer to the description of multihoming in the next 
chapter. 


Configure TCP/IP 


Assuming that you plan to use the new IP services made available 
through AppleShare IP, you will need to configure the TCP/IP control 
panel. How you do this will vary depending on whether or not your 
server will have access to the Internet. If not, it will need to be configured 
to work on an Intranet. 


The most widely accepted definition of an Intranet is a LAN that takes 
advantage of the same technologies used on the World Wide Web. It is a 
LAN that uses TCP/IP, Web servers, and computers equipped with 
browsers, but it is not necessarily connected to the Internet. 


In order to use the Internet or an Intranet, each Macintosh must be given 
its own unique number, or IP address. If your network is connected to the 
Internet, these numbers must be unique throughout the world, so they 
are assigned by a central authority, the InterNIC. However, if your net- 
work is not connected to the Internet, you can simply make these num- 
bers up. 


A valid IP address contains four places, each of which must contain a 
number between 1 and 255 in the format “0.0.0.0.” If your network is con- 
nected to the Internet, these addresses will be supplied to you by your 
Internet Service Provider (ISP). On an Intranet, you can make up what- 
ever numbers you want within these basic parameters. You can build an 
Intranet by giving the first computer on the network a number such as 
“1.1.1.1,” the next “1.1.1.2,” and so on, until you reach “1.1.1.255.” 


To set up your server to work on an Intranet, open the TCP/IP control 
panel from the Control Panels item under the Apple (@) menu bar item. 
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Here, choose Ethernet in the Connect via pop-up menu and Manually in 
the Configure pop-up menu. (LocalTalk cannot be used.) In the IP 
Address field, type the machine’s unique address (e.g., 1.1.1.2). In the 
Subnet mask field type “255.255.255.0.” 


a) TCP/IP (intranet) =| 


Router address: 


To set up your server to work on the Internet, type the machine’s unique 
address as provided by your ISP in the IP Address field. Your ISP should 
also be able to provide you with the number that should go into the Sub- 
net mask field, or you might have to get this from whoever configured 
your IP router. 


Search domains: 


res4.dns pri.net 
scionnet.com 
trdell.com 
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The unique number associated with your IP router must be typed into the 
Router address field. The address(es) of your ISP’s domain name 
server(s) must be typed into the Name server addr field. Your organiza- 
tion’s domain name (e.g., “apple.com,” “apnet.com,” “scionnet.com”) is 
entered in the Search domains field. 


es dt 


When you close the window, you will be asked if you wish to save the 
changes to the configuration. Press the Save button. 


I will explain IP addressing and domain names briefly in later chapters. 
For a comprehensive explanation I recommend TCP/IP Clearly Explained, 
second edition, by Peter Loshin (AP PROFESSIONAL, 1997). 


Configure Date & Time 


To ensure that all AppleShare logs and email are marked with the correct 
times, see to it that the server Macintosh is configured with the correct 
time zone and an accurate clock. 


First, open the Map control panel. Type the name of the city nearest you 
in the field next to the Find button and then press the Find button. 


|Add City | | Remove City | v 7.5.1 
Latitude [37 |° |48 | RAN 
Longitude z2 24 |’ CIE 
Time Zone 8th 10 [m+ 
mt 0 9:06 PM 


The Macintosh will look up your city’s global position and time zone (rel- 
ative to Greenwich Mean Time). Next, press the Set button. 


Chapter 3: Installing the Macintosh Server « 61 


If the Macintosh does not know where your city is, show it by clicking on 
the appropriate spot on the map. Next, type your location’s name in the 
field next to the Find button and press the Add City button. 


Although this will tell the server where the time zone is, it still might not 
know what time it really is. Set this in the Date & Time control panel. 


[rer fg | foam fg 
_Time Formats. } 


: ee Time Zone 234) Mefubar Gack 


current time zone. 
1 (Cj Daylight Savings Time 


Sete one 


San Francisco is @ city in the Son Gor... 


Run the Installer 


After you have configured all of your server’s system software compo- 
nents, you may install AppleShare IP by launching the “Install Apple- 
Share IP” document on the installation CD-ROM. 


When you launch it, you will be presented with a welcome screen. 
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AppleShare IP 


Version 5.0 


After you press the Continue button to leave this screen, you will be pre- 
sented with a window displaying the license agreement. Next, you will 
arrive at the Install AppleShare IP window. 


Click the Install button to install 
e AppleShare IP Web @& File Server 
© AppleShere IP Print Server 

e AppleShare IP Mail Server 

e MacDNS 


Because AppleShare IP is a collection of components rather than one 
application, you can choose which services to install. Select the Custom 
Install option in the pop-up menu in the window’s upper left corner. (For 
my purposes here I'l] stick with the Easy Install option and just press the 
Install button. That will install everything.) 


If you have multiple hard drives on your server, make sure that the 
installer has targeted the correct one in the Destination Disk pane. If not, 
press the Switch Disk button until the correct hard drive is displayed. 
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The Installer script will put all the necessary software in the correct places 
on the server’s Startup Disk, then prompt you to restart the Macintosh. 
After the Macintosh restarts, you will see that an “AppleShare IP” folder 
and a “Web Folder” have been installed on the hard drive. 


Run Easy Setup 


Open the “AppleShare IP 5.0” folder to continue. In this folder you will 
find the AppleShare IP Easy Setup application. Launch it. 


This application will take you through the process of setting up Apple- 
Share IP in several screens that you can navigate by using the arrow but- 
tons in the lower right corner. 


Wolcome te AppleShare IP Easy Sotup 


You can use AppteShere IP Easy Setup to set up the following 
servers: 


e Web & File Server, which sheres files over a network 
@ Mail Server, which maneges E- mail 
@ Print Server, which manages printers and print jobs 


Whether you are installing AppleShare IP on a new server or are upgrad- 
ing from a previous version of AppleShare, you must run this applica- 
tion. Press the rightmost arrow button to advance from the welcome 
screen. Next, you will be confronted with your first choice—“normal” or 
“custom” setup. 
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Select Normal er Custom Setup 


Click Normal if your computer connects to an Intranet and/or to the 
Internet using 4 service provider. 


Click Custom if your computer connects to en Intranet only. This setup 
is for computers that connect to networks that do not have a service 
provider end that need to be set up with MacDNS. 


@ Normal @ Custom 


To continue, click the right arrow. 


As a rule, if your network is connected to the Internet, choose the Normal 
button. If it is not, choose the Custom button. If you choose the custom 
option, you will need to configure MacDNS as described in Chapter 11. 
Press the rightmost arrow button to proceed. 


Next, you will be prompted to enter your software’s serial number. If you 
are upgrading AppleShare, your previous serial number will appear. 


Each computer thet runs AppleShare IP must have e unique serial 
humber. Your serial number is printed on 4 card that came with your 
software. 


Type your serial number: 


A-111-BBB-222-CCC-333-DDD-444-EEE-555 


To continue, click the right arrow. 
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Keep this number in a safe place in case you ever need to install Apple- 
Share IP again. Press the rightmost arrow button to advance. 


The next window is used to launch the initialization process. 


Set Up Servers ; . 


if 


AppleShare |P Easy Setup will set up your computer to: 


@ Enable users to use AppleShare Client softwere to connect to the Web 
& File Server vie AppleTelk and TCP. 

@ Enable users to use FTP applications to connect to the Web & File 
Server vie TCP. 

@ Enable users to use Web browsers to visit your Web site. 

@ Manage E- mail via AppleTalk and TCP. 

@ Menage printers via AppleTalk. 


To continue, click the right errow. 


Press the Set Up Servers button here. If all is well with AppleShare IP’s 
various components, you will be rewarded with the following dialog box: 


) a Setup for the AppleShare IP servers was 
Ulead successful. Click OK to continue with 
AppleShare IP setup. 


Press OK to dismiss it. Now the Set Up Servers button will be grayed 
out. Press the arrow button to advance. 


Next, you may decide whether or not AppleShare’s servers should start 
up automatically after setup. 
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—— = AppleShare IP Easy Setup 


Easy Setup Starts Servers 


Easy Setup will start the servers that have been set up by default. 


If you do not want Easy Setup to start the servers that have been 
installed on your computer, click the Start Servers Checkbox so 
that the X disappears. 


Start Servers 


To continue, click the right arrow. 


If you do not enable the Start Servers check box, you will need to launch 
each server manually. Press the arrow button to advance. 


You may either quit the application at this point or launch AppleShare IP 
for the first time by pressing the Start Manager button. 


— = AppleShare IP Easy Setup S222 


AppleShere IP Setup Complete 


You can quit AppleShare IP Easy Setup by selecting Quit from the 
File menu, or you can click the Stert Manager button to start the 
AppleShare IP Manager. The AppleShere IP Manager provides an 
easy way to administer the AppleShare IP servers. 


If you have selected the default selection Start Servers, from the 
previous panel, the servers will start up prior to starting the 
Manager. 


Start Maneger 


To quit, select Quit from the File menu. 


After AppleShare IP launches, you will be presented with the AppleShare 
IP Manager application’s main window. 
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Web & File Admin: Not Running 
Web & File Server: Running 
Web: Enabled 
Fite Server via AppleTalk: Always Enabled 
File Server vie TCP: Enabled — 
FTP: Bethe 
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aad... Print Admin: Not Running . °° ‘ — | 
oid e ea ry : “GR =. <j Pe 
Print Server: Running 


This window serves two purposes. First, it indicates the status of four of 
AppleShare IP’s component servers. Second, it gives you buttons that will 
launch the administration programs for each server. I will cover each 
server in the following chapters. 


One More Time... 


Before you consider this phase of your work complete, I strongly recom- 
mend that you back up the new server hard drive again. This time, how- 
ever, you can do it using the same media that will begin the server’s 
rotational daily backup routine. I will show you how to set this up in the 
next chapter. 


For extra security, you might create another milestone backup as well. 


SPECIAL CIRCUMSTANCES 


In the previous section I illustrated the typical process of installing 
AppleShare IP on a new Macintosh server. Read this section if you are 
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migrating the shared volumes from an older server to a new one. If you 
are configuring your server for use on an Intranet only, also refer to 
Chapter 11’s description of MacDNS. 


Upgrading a Macintosh Server 


There are two ways to migrate an older installation of AppleShare to a 
new server. One way is to back up the original server using a software 
package such as Retrospect, then restore it to the hard drive of the new 
machine. The other way is to hook up an external hard drive to the older 
server, then use AppleShare Admin to copy its shared volumes in such a 
way as to preserve their privileges. You can then attach the external hard 
drive to the new server and move over the old folders using AppleShare 
IP Web & File Admin. 


Restoring a Hard Drive with Retrospect 


To use a Retrospect backup to restore folders and files to a new or newly 
formatted server hard drive, follow this procedure. 


First, make sure that the hard drive to which you will be restoring files is 
an active Startup Disk (e.g., it has a System Folder on it). As I described 
earlier, this must be a “clean” System Folder created by Mac OS System 
7.6 or later and containing Open Transport 1.1.2 or later. You must also 
install AppleShare IP. 


Next, install Retrospect on this hard drive. 


If you backed up the catalog file to a floppy diskette as I suggested, copy 
it to the new hard drive as well. If you did not, consult the Retrospect 
manual for instructions on how to rebuild a StorageSet catalog. 


Restore the Users & Groups Data File. Next, insert the DAT (or 
other medium) in the backup drive and launch Retrospect. 
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Back up files to o Storageset™ 
Copy files to a StorageSet—a set of disks or tapes 


Lente at nev deter tne mrtiateetvertet sesdtet hath ehig sitar teat tein Pane PetO hse a nt head MAAPSY OR APT SENET! yer Nay ppRHASTE sue! MORES reRshm! Sate wnat hander Lnorend medusaniern, 


Restore files from a StorageSet 
Recreate a disk or retrieve files end folders 


Duplicate one volume to saetions 

Make en identical copy of a — disk or folder 
paar eo oertet now 

Or make a document that runs a script when opened 


In the Retrospect Directory window that appears, press the Restore but- 
ton under the Immediate tab. This will open a dialog box in which you 
must choose a restoration method from three options. 


fg Choose the Festoro type: 


] Reatersien avis at: 


© Restore fites from a beckup 


Restore-one.or more files using a SnapShot, the complete Hst 
of diak contents for exch backup. 


vrei rs Search for files 
StorageGets. 


orem a 


Do not choose to restore the entire disk. That would overwrite your new 
System Folder. Instead, restore only files from the latest backup. 
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Restore from Beckup:Source 


12) Source SnapShot for Restore... 
uy Select a StorageSet and SnapShot, then otick OK. 


[| MJuliana’sPB Backup . © 
@® [llestone ae tae 
(@ Production Milestone 


( Tom's PB Milestone 


Current SnapShots in Milestene 4/10/97... 


as Madioy 


Next, you will be asked to identify which Retrospect SnapShot within the 
StorageSet contains the files you seek. If you followed my directions for a 
milestone backup, there should be only one. Highlight it and press the 
OK button. 


Retrospect will then ask you how much of its backed-up data you want to 
restore and where it should put it. Choose the new hard drive, select 
Retrieve just files in the pop-up menu, and then press the OK button. 


So = ===! Destination Selection, 


Destination for Restore... #8 {ranceit {| ox 7 
Eee 


| f{ Retrieve just files 


7 & Locat Desktop 


@ Mac 0S 7.6 @ 
ae Fadl 
b & Network Clients 
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The last thing you have to tell Retrospect is which files you wish to 
restore. Press the Files Chosen button. 


2) SS Restore from Backup 


Not Ready to Enecute (Restore | 
Please click Files Chesen to make changes 
| 


Seerce (_} GB Milestone 4/10/97 
Date: Gat, Jul S, 1997 at 6:10 PM 
Volume: “MadDog ” 


Destination () Maddog 
ming just files in anew folder 


Options (_} Normal 


Initially, you should restore only the Users & Groups Data File, which 
you will find in the Preferences folder within the System Folder. High- 
light this single file, then press the Mark button to select it. 


i Ie) / Marking files for Restore... 
—-“§ Clk or drag to hightight, then Mark /Unmark : 


() Expansion Manager Prefs 

() Finder Preferences 

() General Controls Prefs 

() Launcher Preferences 

() Mac OS Easy Open Preferences 

D) MacDNS™ Preferences 

D) Marathon co Preferences 

D) Netscape Registry 

CQ) PC Exchange Preferences 

() QuickTime Preferences 

() Sound Preferences 

2) CQ) Stuffit Expander Preferences 
QD TCP/P Preferences 
a 


When you close this window, the Restore button will be enabled in the 
Restore from Backup window and the Users & Groups Data File will be 
listed by the Files Chosen button. Press the Restore button to proceed. 
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Beet ma = ED ne, ae | ’ . 
i a ‘eS Ift 4 je 


Ready to Execute 
Vertfy your chotoes, then oliok Restere 


Seurce (_} EB Mitestone 4/10/97 
Date: Set, Jul'S, 1997 at 8:10 PM 
Volume: “MadDog ” 


GD Maddog 
copying just files in a new folder 


1 files (126 K) selected for restore 
will leave 780.9 M free on the destination 


Mormal 


Retrospect will create a folder named after the StorageSet on the new 
hard drive and install the new file in it. You will then need to swap the 
Users & Groups Data File AppleShare IP created during installation with 
this older one. Drag the new Users & Groups Data File from the Prefer- 
ences folder within the System Folder to the Trash, then drag the older 
Users & Groups Data File into the Preferences folder. 


System Folder 


1) Sound Preferences 
1) TCR/P Preferences 


Cy 
Lo 
Users & Groups Data File 


Now restart the computer. 


Restore shared volumes. After the server Macintosh is booted, 
launch AppleShare IP and run Easy Setup. This will convert the privi- 
leges stored in the old Users & Groups Data File to a format that is com- 
patible with the new AppleShare IP. 
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Once AppleShare IP is running you will need perform two administrative 
functions. 


1. Go into AppleShare IP Web & File Server Admin’s Users & Groups 
List to verify that your old accounts were properly transferred. 


2. Create and share the same top-level folders that were shared volumes 
on your AppleShare 3.x/4.x server. 


Unless you already know how to do this, skip ahead to the next chapter 
and read about shared volumes before proceeding further here. 


Once you have your shared volumes re-established, you will need to run 
Retrospect again. Press the Restore button under the Immediate tab in 
the Retrospect Directory window. This will open the dialog box in which 
you must choose a restoration method. 


2 istorn.ubetireatet 
merge of Pt tae win i 


teh ner he et, pe eee 
of disk contents 1 for eanh backup 


ae rl 
Barbi folders trom any baclaup. deareh tor ts 


: - os “ 


This time do choose to restore the entire disk. 


You will again be asked to identify which Retrospect SnapShot within the 
StorageSet contains the files you seek. Highlight the milestone backup 
and press the OK button. 


Once more, Retrospect will want to know how much of its backed-up 
data you want to restore and where it should put it. Choose the new hard 
drive as before, but this time select Restore an entire disk in the pop-up 
menu and then press the Subvolume button to continue. 


In the Define Subvolume window, select one of the new server's shared 
volumes and press the Define button. 
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ie) Defining a Folder es a Volume... 


Ht will be available every where in the program. 


= Maddog ¢ 


QQ Apple Extras 
O AppleShare IP 5.8 


© AppleShare IP Mail Folder 
© Desktop Folder 

@ Net Install 

© Network Trash Folder 

© Pub 

Retrospect 4.6 


After you are returned to the Destination Selection window, press the OK 
button. You may safely dismiss the warning dialog box that this gener- 
ates. 


Finally, you must again tell Retrospect which files you wish to restore by 
pressing the Files Chosen button. 


D0 SSS Restore from Bockup 
Ready to Execute 
Verify your chotoes, then oliok Restere 


Seurce (__} 9 Milestone 4/10/97 ES 
Date: Sat, Jul 5, 1997 at 8:10 PM 
Volume: “MadDog “ 


Destination (J) C2 Net install on Mawog 
Replacing all centents 


Files Chosen (_} 1264 files (1.3 G) selected for restore 
need 449.4 M more space on the destination 


As it stands now, this is all of the folders and files, but you do not want 
that. Instead, you want just the shared volume whose namesake is the 
same as the Destination subvolume. Find it and mark it. 
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MadDeog 

D keont 

( Apple Extras 

(CO AppleShare IP 5.0 


© AppleShare PF Mail Folder @ 
CC Desktop Folder @ 
v 
© Network Trash Folder @ 
© Peb 
© Retrospect 4.0 
CC Stationery 
( System Folder 
(2) Temporary items 
© Trash @ 
©) Web Folder 


When you close this window, the Restore button will be enabled in the 
Restore from Backup window and the contents of the old shared volume 
will be listed by the Files Chosen button. Press the Restore button to pro- 
ceed. 


4 SSS Restore from Beckup= = BE 


“4 Aeady to Execute 
Verify your choices, then oliok Restere 


Seurce (_} Gi Milestone 4/10/97 
Date: Sat, Jul 5, 1997 at 8:10 PM 
Yolume: “Maddog” 


Destination (_} C Net install on Mawag 
Replacing all centents 


T Files Chesen (_} 715 files (800.5 M) selected for restore 
will leave 480.5 M free on the destinatign 


Retrospect will now install the proper folders and files into the appropri- 
ate shared volume while maintaining the correct account privileges. 


Repeat this procedure for each shared volume. 


Restore everything else. You can repeat the first procedure to 
restore all nonshared folders and files to the new server. Retrospect will 
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restore all of the folders and files from the previous server, including the 
old System Folder, in a folder on the new hard drive. Drag all of the fold- 
ers except the System Folder and previous shared folders to the top level 
of the new server drive. 


Be careful about replacing new folders with old folders that have the 
same names. In most cases, such as with “Apple Extras,” you will want to 
keep the newer files. The Mac OS will warn you if you are about to do 
this. When you are finished, throw away the restored files folder. 


Copying Shared Volumes with AppleShare 


If you cannot use Retrospect to move volumes from an older server to a 
newer one, you can use an external hard drive to do so. 


First, attach an external hard drive of equal or greater volume than that of 
the originating server Macintosh to its SCSI chain, then restart it. 


After you have booted the AppleShare 3.x or 4.x server, make sure that 
the AppleShare File Server application is not running. Next, launch 
AppleShare Admin. 


From within AppleShare Admin, open the Access Information window 
by choosing the Access Information command under the Privileges 
menu bar item. This will make a couple of options available under the 
Privileges menu bar item, including the Copy (name of volume) to com- 
mand. Select this command. 


MEU Startup 


Access Information... 


Clear User/Group 
Locate Shared item 


Compact Volume Access Privileges 
Shared Item Report... 
Copy “Mat llow HU to... 


AppleShare Admin will ask you for the destination of the shared vol- 
umes, which should be the external hard drive. 
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© External HD Vv <= Mac licx HD 
Desktop 
New Folder 


E re) Copy contents of “Mac licx HD" and its 
access privileges into "External HD"? 


Press the Copy button to duplicate the volumes (along with their associ- 
ated privileges) on the external hard drive. 


Once you have copied all of the shared volumes that you wish to migrate 
to the external hard drive, attach the hard drive to the new server Macin- 
tosh. After rebooting, copy the old Users & Groups Data File to the 
server's startup disk. Then you need only run the AppleShare IP Easy 
Setup to start sharing the volumes on the external hard drive with the 
new server. 


If you want to share the volumes from the new server's Startup Disk 
instead of from the external hard drive, do not simply copy them over in 
the Finder. If you do, privilege information will be lost. Instead, use the 
Duplicate Folder command under the Server menu bar item in Apple- 
Share IP Web & File Admin to copy them over. This command is avail- 
able when the Web & File Server is running. 


SUMMARY 


When you install a new Macintosh server you must perform several steps 
in sequence: First, install any supplemental hardware on the CPU; sec- 
ond, place the server computer in a secure place; third, deploy your 
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server on the network at a location most accessible to your users; and 
finally, run AppleShare IP Easy Setup to install the server software. 


When you upgrade an older AppleShare server, or migrate server vol- 
umes from one machine to another, you must back up or duplicate its 
shared volumes in such a way as to preserve their privileges. 


Always perform a full backup of the server’s hard drive before and after 
you install server hardware or software. 


AppleShare IP File 
Server 


As you have seen in the last two chapters, dedicated AppleShare 
servers differ from ordinary Mac OS desktop computers in their 
faster processors, larger storage media, faster I/O buses, and opti- 
mized network connections. Interaction between this kind of file 
server and a workstation is a typical example of the client-server 
networking model in action. 


Since the advent of System 7, AppleShare technology has enabled 
any Mac OS desktop computer to be a nondedicated file server as 
well. Using Personal File Sharing—sort of an “AppleShare Lite”—a 
Mac OS workstation may serve files to other computers while act- 
ing as a client to dedicated AppleShare servers. Although Personal 
File Sharing also adheres to the client-server model, it is most often 
described in terms of peer-to-peer networking. 


79 
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Practically speaking, a Mac OS computer running the AppleShare File 
Server application is usually dedicated to sharing files and services with 
other computers, whereas one running Personal File Sharing is usually 
dedicated to other tasks. Mac OS workstations are seldom used exclu- 
sively as file servers because Personal File Sharing is about 10 times 
slower than AppleShare File Server and supports far fewer users. In addi- 
tion, processor performance can degrade noticeably on a Mac OS work- 
station that has Personal File Sharing enabled. 


Under AppleShare, the AppleTalk Filing Protocol (AFP) is used for com- 
munication between a Mac OS client and a Mac OS server. It is possible to 
use it on other machines, although not common. 


AppleShare IP 5.x also has the ability to transfer files with AFP. In addi- 
tion, it can move files using the Internet’s File Transfer Protocol (FTP) and 
HyperText Transfer Protocol (HTTP). Since these TCP/IP protocols can 
be used by most of the world’s networked computers, AppleShare IP’s 
new capabilities greatly extend its reach into a heterogeneous computing 
environment. 


Although AppleShare IP’s file server and Web server are both configured 
and managed by the same Web & File Server Admin application, I will 
concentrate on just the file server and its issues here. The Web server and 
its special characteristics will be discussed in the following chapter. 


How APPLESHARE WORKS 


AppleShare is an integral part of AppleTalk, the Mac OS communications 
protocol. Like many other networking languages, AppleTalk is based on 
the Open Systems Interconnection (OSI) reference model created by the 
International Standards Organization (ISO) way back in 1970. 
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AppleShare in the OSI Model 


The OSI model comprises seven layers, each of which provides an 
abstract way of representing the specific components that enable commu- 
nications on a network. These layers break down as follows. 


Application Layer 


At Layer 7, the languages and syntax that programs use to communicate 
with each other are defined. Most of the commands needed to open, read, 
write, transfer, and close files over the network are exchanged at this 
level. 


Presentation Layer 


The encoding of data so that it can be exchanged between different com- 
puter systems is managed at Layer 6. In security applications, for exam- 
ple, encryption and decryption are handled here. . 


Session Layer 


Layer 5’s job is to maintain an orderly process of communications. 
Among the things that are determined here are whether or not communi- 
cations will be one-way (half duplex) or two-way (full duplex) and how 
that dialog will be managed so that it can be recovered in the event of a 
connection failure. 


Transport Layer 


Layer 4 maintains the integrity of a transmission overall. If a 1-Mbyte file 
is sent from a server, Layer 4 ensures that an identical 1-Mbyte file is 
received by a workstation. 
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Network Layer 


At Layer 3, the route over which the sending and receiving computers 
will communicate is established. Where a network is segmented, as 
shown in the last chapter, these routes can become quite complicated as 
data hops across routers. 


Data Link Layer 


The division of data bits into frames for node-to-node transmission takes 
place at Layer 2. A process of error checking and retransmission ensures 
that all the necessary data is eventually transferred, even if a few frames 
go AWOL in Cyberspace. 


Physical Layer 


Layer 1 handles the electrical and mechanical signaling that moves data 
bits from one computer to another. While this usually takes place over 
wires, Infrared or Radio Frequency (RF) transmission can also be used. 


Note: The mnemonic phrase that helps me remember these layers, from bottom to 
top, is “People Don’t Need Those Stupid Protocols Anyway.” 


AppleTalk protocols correspond closely to most of these layers, as shown 
in Figure 4-1. 
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AppleTalk 
Filing 
Protocol (AFP) 


PostScript 


Application 


Presentation 
AppleTalk Zone AppleTalk Printer 
Data Stream Information Session Access 
Protocol (ADSP) Protocol (ZIP) Protocol (ASP) Protocol (PAP) 
Session 


Routing Table 
Maint. Protocol 
(RTMP) 


AppleTalk AppleTalk 
Echo Protocol Transaction 
(AEP) Protocol (ATP) 


Name Binding 
Protocol 
(NBP) 


Transport 
Datagram Delivery Protocol (DDP) 
Network 
LocalTalk Link EtherTalk Link TokenTalk Link 
Access Protocol Access Protocol Access Protocol 
(LLAP) (ELAP) (TLAP) 
Data Link 
LocalTalk Ethemet Token Ring 
Hardware Hardware Hardware 
Physical 


FIGURE 4~1: AppleTalk in the OSI reference model. 


Let’s look at how these protocols come into play during a typical Apple- 
Share client-server transaction. 
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AppleShare in Action 


Once AppleShare has prepared some of the server machine's folders to be 
shared on the network, AFP makes possible the transfer of files to and 
from these share points. It does it like this: 


‘Username OK? _Dwhke 
- Password OK? “FN 

-In-user category? 
‘Has acess privileges?, 


FIGURE 4-2: Client-server communication using AFP. 


1. Tom wants to read the data ina file that resides on the hard disk of an 
AppleShare file server. If the file were resident on the hard disk of 
Tom’s own computer, his request to open it would be handled by Mac 
OS file system commands. Because it is not, AFP is called in to permit 
Tom’s computer to use these same file system commands on the re- 
mote hard disk. 


2. When it realizes that the file Tom wants to read is on a remote hard 
disk, the Mac OS routes its file system commands to the AFP transla- 
tor, which turns the file system commands into AFP calls. These calls 
are then transferred across the AppleTalk network from Tom’s com- 
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puter to the AppleShare file server. The interaction is handled 
through the AppleTalk Filing Interface (AFI). 


3. Before any AFP calls can be transferred, Tom must log in. His com- 
puter must first find the server on the network. It can do this because, 
at startup, the AppleShare File Server called on the AppleTalk Ses- 
sion Protocol (ASP) to open a Session Listening Socket (SLS) and 
Name Binding Protocol (NBP) to register its name and type with this 
socket. Specifically, it is registered on the network as “AFPServer.” 
When Tom selects the AppleShare icon in his Chooser (in the upper 
left), his Macintosh initiates an NBP lookup that returns the names of 
all machines advertising this socket within the same zone (in the 
upper right). 


Select a file server: 
| AppleShare 5 Server 
1 NT 


Server (P Address... 


Remote Access 


AppleTalk Q Inactive 


FIGURE 4-3: Looking for the AFP server. 


4. Once it has located the server, Tom’s computer chooses which AFP 
version and User Authentication Method (UAM) it will use for the 
communication session. Using this UAM, the server then asks Tom 
for a user name and password that it knows. The UAM will usually 
be Clear text, meaning that anyone with a network packet analyzer 
theoretically can eavesdrop and read it, or Two-way Scrambled, 
which is illegible to an eavesdropper and therefore more secure. 
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el 


Connect to the file server “AppleShare 5 Server” 
as: 


@ Guest 
@ Registered User 


Name: 


Password: 


te 


Connect to the 


@ Guest 
@ Registered User 


UAMs 


FIGURE 4—4: Choosing user authentication methods. 


5. If Tom supplies his user name and password correctly, the server 
then considers whether or not his name falls into one of shared vol- 
umes’ user categories. If it does, the server lets Tom’s computer 
mount the shared volume on its desktop to be used as if it were a 
local drive. 


6. The server also examines Tom’s user category to determine what 
access privileges he will be granted to items in the mounted volume. 
If Tom has been granted the access privileges necessary to read the 
file, the file’s data can be transferred across the network to his com- 
puter. 


Going back to the OSI model, the AppleTalk protocols that were 
employed here are shown in Figure 4-5: 
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AppleTalk 
Filing 
Protocol (AFP) 


Application 


Presentation 
AppleTalk 
Session 
Protocol (ASP) 
Session 
AppleTalk Name Binding 
Transaction Protocol 
Protocol (ATP) (NBP) 
Transport 
Datagram Delivery Protocol (DDP) 
Network 
LocalTalk Link EtherTalk Link TokenTalk Link 
Access Protocol Access Protocol Access Protocol 
(LLAP) (ELAP) (TLAP) 
Data Link 
LocaliTalk Ethernet Token Ring 
Hardware Hardware Hardware 
Physical 


FIGURE 4-5: Client-server session in the OSI model. 
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Note: If you want to know more about how AppleTalk works, the definitive source 
is Inside AppleTalk, 2nd Ed., by Gursharan S. Sidhu, Richard F. Andrews, and 
Alan B. Oppenheimer (Apple Computer/Addison-Wesley). Note that Alan’s 
company, Open Door Networks, makes the useful AppleShare IP utilities 
HomeDoor, LogDoor, and AFP Engage!, which are discussed further on. 


With the introduction of AppleShare IP 5.0, Apple took a product that 
made the most sense for small, Mac-OS-only networks and upgraded 
it to a viable solution for medium-sized, mixed-platform networks and 
intranets. This became possible with Apple’s adoption of platform- 
independent TCP/IP. 


TCP/IP and the OSI Model 


I’ve heard many a lecture on “what is wrong with AppleTalk” over the 
years. It’s chatty, it doesn’t scale, it’s hard to manage. These criticisms 
have never shaken my faith in this elegant protocol. Of course, I usually 
hear them from people who do not know the difference between Apple- 
Talk (a protocol) and LocalTalk (a cabling scheme), which has not helped. 
I think that AppleTalk’s greatest limitation is simply that it is proprietary 
to Apple Computer. Although it can be run on PCs and UNIX machines 
as well as on a Mac OS computer, it has never become the universal stan- 
dard that the Internet’s TCP/IP is. 


TCP/IP is an open standard whose protocols are free to everyone. It can 
also be compared to the OSI model, and therefore AppleTalk, although it 
does not truly implement the Presentation and Session layers. 
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Network File 
System 
(NFS) 


File Transfer Protocol (FTP) 
oe HyperText Transfer Protocol (HTTP) 
Simple Mail Transfer Protocol (SMTP) 
Domain Name Service (DNS) 


Presentation Others 


Session 
Transmission User Datagram 
Control Protocol Protocol (UDP) 
(TCP) 
Transport 
Internet Protocol (IP) 
Network 
EtherType, 
Etc. 
Data Link 
Ethernet 
Hardware 
Physical 


FIGURE 4-6: Simple TCP/IP in the OSI reference model. 


There are a multitude of protocols within the TCP/IP suite (only a few of 
which are shown in Figure 4-6). The one that concerns us here is FTP. 
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FTP in Action 


While the Macintosh has been capable of running TCP/IP in addition to 
AppleTalk for years (MacTCP), it was not until the introduction of Apple- 
Share IP 5.0 that AppleShare users were given the option of using FTP 
instead of AFP for client-server communications. More important, FTP 
now makes an AppleShare server available to most types of computers 
throughout the world, since most computers are capable of communicat- 
ing over TCP/IP. 


FTP differs somewhat from the traditional model of file sharing as we 
know it in AppleShare. Under AppleShare, shared volumes are available 
to client users as though they were additional storage media attached to 
the users’ local computers. The clients can therefore “open” a file from 
these volumes over the network. FTP requires that such a file be copied to 
the local client computer before it can be opened. In short, it permits just 
what the name specifies, file transfer, and not really file sharing. 


Both AFP and FTP require that a reliable connection between the client 
and server be created over which files can be transferred. However, the 
mechanism for creating this connection differs between the protocols. In 
AppleTalk, AFP relies on the ASP, which in turn requires ATP (see Figure 
4-1). In TCP/IP, FTP relies on TCP. 


TCP creates a virtual circuit by supplying the server with the client’s IP 
address and a unique socket number and then requesting a connection. 
The server responds with a socket number of its own, and the TCP con- 
nection is opened. 
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Here's my socket 
number. 
Can we connect? 


Here's my socket 
number. 
Virtual Circuit open. 


Dick FTP Server 


FIGURE 4—7: Creating a TCP connection. 


Once the TCP connection is created, an FTP transaction works in much 
the same way that an AFP transaction does, with some important differ- 
ences. FTP makes use of two TCP channels that are identified by their 
port numbers. Port 20, the Data Transfer Process (DTP), is the data chan- 
nel; Port 21, the Protocol Interpreter (PI), is the command channel. The 
use of two channels enables FTP to transfer data and command informa- 
tion separately and simultaneously. 


DTP (20) 
Virtual Circuit P} (21 ) 


Dick FTP Server 


FIGURE 4—8: FTP channels within TCP Virtual Circuit. 


92 « AppleShare IP 


Note: A great source for more information about this is TCP/IP Clearly 
Explained, 2nd Ed., by Peter Loshin (AP PROFESSIONAL, 1997). 


FTP does file transfers very well, and it does them from just about any 
kind of computer. You can sit yourself down in front of a UNIX computer 
and type in the command lines needed to copy down a file from my com- 
pany’s server like this: 


ftp> ls 

200 PORT command successful. 

150 Opening ASCII mode data connection for /bin/l1s. 

total 2 

-r-Xr-xr-x 1 owner group 266240 May 16 16:39 AssetDB.fmp 
-r-xr-xr-x 1 owner group 366311 May 16 16:39 AssetDB.hqx 
226 Transfer complete. 

ftp> 

ftp> get assetdb.hqx 

200 PORT command successful. 

150 Opening ASCII mode data connection for ASSET- 
DB.HQX.HQX(19196 bytes). 

226 Transfer complete. 

Download completed at 6/20/97 8:09:10 PM 

ftp> 


FIGURE 4-9: Transferring a file with a command line session. 


You can just as easily sit down in front of a Macintosh and download that 
same file using Fetch, Jim Matthews’ well-known Mac OS shareware util- 
ity (Dartmouth College). 
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Status 
Getting file... 


AssetDB hqx 


BinHex 
366,311 bytes 


87,356 bytes 
17,471 bytes/sec 
0:16 time left 


aed 6@) Rutomatic 
SF OTent 
© Binary 


FIGURE 4-10: Transferring a file with Fetch. 


The same commands are used in both cases. Fetch just hides the com- 
mand line behind the Mac OS’ Graphical User Interface (GUI). The most 
significant FTP commands are Put, which lets you copy a file to the 
server, and Get, which lets you copy a file from the server. 


Something New: AFP over TCP! 


As elegant as the original AFP is, it is not particularly well suited to large 
heterogeneous networks. Recognizing this, and looking to gain file trans- 
fer speed, Apple engineers set about to create an AFP that could work 
over AppleTalk and TCP concurrently. The result was AFP version 2.2, 
which was first implemented in AppleShare IP 5.0 and its AppleShare 
Client version 3.7. 


The new protocol implementation’s design properties include a special 
layer that establishes a liaison between AFP and TCP. This is the Data 
Stream Interface (DSI), so named because it works over any data stream 
protocol in addition to TCP. As ASP does in AppleTalk, DSI registers the 
AFP server on a network socket. Under TCP, it uses Port 548. 
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While AFP/TCP’s new capabilities are impressive, they remain invisible 
to Mac OS users. Accessing a server’s shared volumes is still as simple as 
going to the Chooser and mounting a shared volume on the desktop, 
except that now that server might be half a world away! 


Chooser 


| Select a file server: 


AppleShare 5 Server ir} 


AppleShare Cotor SW Pro 


Enter the Server Address: 


PRUsS 
fo 
— 38.247 58.200 
LaserWriter 8 POF Writer 


AppleTalk Zones: Aliases made of this Server will fail if TCP7IP 
LocalTalk is not available. 


Server IP Address... 
Remote Access 


Training 
AppleTalk © inactive 


FIGURE 4-11: Performing a login with AFP/TCP. 


Note: If you would like to learn the programming details of the new AFP, you may 
download the AppleTalk Filing Protocol 2.2 & AFP over TCP/IP 


Specification from Apple’s Web site. 


APPLESHARE CONCEPTS 


Whether you use AppleShare IP 5.x, any of its predecessors, or Personal 
File Sharing, it is important to know the terms used in the file sharing 
model. 
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Share Points 


A Mac OS computer running either AppleShare or Personal File Sharing 
software can make its files available to be read over the network in what 
have traditionally been referred to as shared volumes. These are storage 
devices (such as hard disks or CD-ROMs) physically attached to the 


server. 


(gain pn inna mn ie meee eee cena 


Shared Volume (Hard Disk) 
Shared Items 
Folders 
MadDog ( 


Sera TeEEEe e  EC a, 
Checked items ( &J) will be opened at 
system startup time. 


FIGURE 4-12: Assorted share points. 


Shared items generally refer to the individual folders on a given storage 
device that are accessible over the network. Functionally, these are the 
containers that users select in the Chooser and mount on their desktops. 
Collectively, shared volumes and shared folders are referred to as share 
points. 


AppleShare does not share individual files directly. This is an important differ- 
ence from some other file servers. AppleShare shares only the folders and 
disks that contain files. 
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Access Privileges 


Like most file servers, AppleShare controls who will be given access to 
which shared volumes, and any folders and files within them, through 
access privileges. (Many other file servers use the term access rights. If you 
move to AppleShare IP from one of those other server products you will 
have to tell your users, “It’s no longer a right, it’s a privilege!”) 


AppleShare 3.x/4.x 


Under AppleShare 4.x and earlier, or pre~-Mac OS 8 Personal File Sharing, 
access privileges are grouped in three categories. 


See Folders. You may open a folder to see any other folders it con- 
tains. 


See Files. You may open a folder, see the folders and files inside, and 
read those files. 


Make Changes. You may open a folder, see the folders and files 
inside, and read, move, modify, delete, or write files. 


Owner : 


User /Group : 


‘a Make all currently enclosed folder Hke.this one = 


[7] Can’t be moved, renamed or deleted 


FIGURE 4-13: Earlier Mac OS file sharing access privileges. 
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Each access privilege can be applied to any folder singly or in combina- 
tion, creating the possibility of seven access levels. 


Again, AppleShare does not share individual files, so all access privileges 
apply only to a given file’s enclosing folder. 


AppleShare IP 


These traditional access privileges have slightly different counterparts 
under AppleShare IP and Mac OS 8 Personal File Sharing. They are now 
grouped in the following categories. 


Read & Write. You may open a shared volume to see what folders 
and files it contains; you may copy folders and files to and from it; and 
you may open, create, move, modify, and delete those folders and files. 
These are full access privileges. 


Read Only. You may open a shared volume to see what folders and 
files it contains, and you may copy folders and files from it and open 
them. 


Write Only. You may copy folders and files to the shared volume. A 
shared volume with such access privileges is commonly called a “drop 
box” because you can copy data into it but cannot open it to see what else 
is inside. 


None. You may not open the shared volume to see what is inside, or 
copy folders and files to or from it. You may not even log into it. The 
shared volume appears in the Chooser, but is grayed out. 
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0S Jom Dell’s Shared Files SSS 


al Where: Macintosh HD: 


[J] Can*t move, reneme, or delete this item 
(4 Share this item and its contents 


Privilege 
Owner: (Webmaster 73) | SH ($) 


User /Greap: (Scion People| 3) | Y ($) 


FIGURE 4-14: Current Mac OS file sharing access privileges. 


Accounts 


Access privileges are assigned to two types of server accounts: 


E, Users. User accounts each contain a user name and password. Most 
often, they are called by people’s real names (e.g., Jane Doe). Some orga- 
nizations, such as schools, prefer to call them by machine names (e.g., Sta- 


tion 1). This permits many people to use a single account. 


| | Groups. For convenience, collections of users can be given access to 

EF the same share points through group accounts. Different groups are then 
given access to only the shared items that concern them. Most often, these 
items are named for departments (administrators, accountants, etc.). 


Users may be members of many different groups and therefore may have 
many different levels of access. A user account and password are 


required to be part of a group. 


Chapter 4: AppleShare IP File Server «99 


Note: Have you noticed that users look happier in Mac OS 8 than in System 7? 


See for yourself: 
E 


FIGURE 4—15: System 7 users versus Mac OS 8 users. 


User Categories 


To access a shared volume, a user or group must fall into one of three cat- 
egories associated with it. 


== Toit Dell’s Shared Ales == 


Where: . Mecintosh HD: 


(I can‘t move, rename, or delete this item 


FIGURE 4-16: User categories for a shared volume. 
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Owner 


This is the person who created the item being shared. When a folder is 
created on the server directly, ownership is assigned to the administrator 
account. When someone creates a folder on the server from a remote 
workstation, that user’s account is usually assigned here. More on this 
later. 


User/Group 


Here a second account may be granted access to the shared item in addi- 
tion to the owner. This can be one other individual if a user is selected, or 
several people if a group is used. 


Everyone 


If a user is not specifically listed in the Owner or User/Group field, either 
directly or by group association, that account will not be allowed access 
to this shared item unless access privileges have been assigned to this cat- 
egory. Conversely, assigning access to the “Everyone” category, formerly 
called “Any User,” makes the shared item available to any registered 
AppleShare User. 


As ominous as it might sound, this fact in and of itself does not jeopardize 
the overall security of your server. What it does do is enable login access 
to the “guest” account, which in turn derives its access permissions from 
the Everyone field. 


I will discuss the nuances of file sharing privileges and user accounts in 
Chapter 8. 
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ESTABLISHING FILE SERVICES 


Enough with the background! Time now to try out your newly installed 
server. In this section I will show you how to get it up and running fast. 
We will spend more time on the management concepts further on. 


Launch Web & File Server Admin 


To use the file server for the first time, launch the Web & File Server 
Admin application. Double-click on it directly or, if you have AppleShare 
IP Manager running, press the first button in the window. (You can also 
choose the Open Web & File Admin command under AppleShare IP 
Manager’s File menu bar item.) 


7. Web & File Admin: Not Running 
y 3 F Web & File Server: Not Running 


Open Web & File Admin Web: Enabled 
e Server vie AppleTalk: Always Enabled 


File Server vie TCP: Enabled 
FTP: Enabled 


Mati Admin: Not Runnlng 
Mail Server: Not Running 


Print Admin: Not Running 
Print Server: Not Running 


FIGURE 4~17: Launching Web & File Server Admin from AppleShare IP 
Manager. 


This will open a password dialog box, in which you must enter the 
Administrator Name and Password, which are the same as the Owner 
name and Owner Password you entered during the server's setup (see 
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Chapter 3). This precaution prevents unauthorized people from sitting 
down at your server and reconfiguring AppleShare for you, although it 
will not stop them from trashing files on the hard disk. 


=== === Administer Web & Fite Serva 


adointetretor tame: [nie] 


Press the OK button when you have done this, and the Web & File Server 
Activity window will appear. 


Web 0 File Server Activit 


Status: Not Running Current User Activity: 


Name: AppleShere 5 Server Set Maximum: Min —————#" 
Anonymous FTP Log On: Enebled 
* Guest Access for Web & File Server: Enabled 


(day hr:min) (dey hr:min) 
Connection Type Connected For Idle For 


FIGURE 4-18: AppleShare IP Web & File Server Admin and its Web & File 
Server Activity window. 


This window is designed to tell you, at a glance, the users connected to 
your server and how active they are. You can toggle between making the 
window visible and invisible with the Show Web & File Server Activity 
command under the Server menu bar item, or with the Command (%)-K 
key combination. 
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If you had Web & File Server launched automatically at startup when the 
choice came up in Easy Setup, you will now notice that the Status line in 
the upper left corner lists it as “running.” Otherwise ... 


Launch Web & File Server 


If the Web & File Server application is not already running, you can 
launch it manually by choosing the Start Web & File Server command 
under Web & File Admin’s Server menu bar item (or by pressing the 
Command (%)-[ key combination). 


El ——————— Server info. = Connected Users 


SEES! AppleShere IP Web & File Server 
AppleShere 5 Server 


Default Zone: Public 
File Server via TCP: On FTP: On 
Multihoming: On HTTP: On 


File Server Yolumes: 


pos Ft 
Ma 


Shered items: Remete User Activity: 


FIGURE 4-19: AppleShare IP Web & File Server and its Server Info and 
Connected Users windows. 


Do the Server Info and Connected Users windows look familiar? They 
should, since they maintain AppleShare’s traditional interface. These 
windows differ little from their counterparts in AppleShare 3.x and 4.x. 
Note that much of information displayed in the Web & File Server Activ- 
ity window is duplicated here. 


If you have upgraded your server from an earlier version of AppleShare 
or from Personal File Sharing (see Chapter 3), you will see your original 
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share points listed in the Shared Items pane in the Server Info window 
(lower left). If not... 


Create Share Points 


Let’s give the server something to share. Create a folder on the server's 
hard disk and name it “Pub.” We will make this the container for any files 
that you wish to share with the rest of the world via Anonymous FTP. 
“Pub” is a commonly used Internet convention that designates a “Public” 
directory. 


You will also need to share the “Web Folder” that AppleShare IP created 
on the server’s hard drive automatically when the Web & File Server was 
first started. Doing so will give Web browsers access to the Web server's 
HTML pages. 


FIGURE 4-20: Creating a folder for Anonymous FTP. 


To continue, bring Web & File Admin forward in the Finder and select 
the Show Disks & Share Points command under the Server menu bar 
item (or use the Command (3)-L key combination). Here, click on the 
arrow next to the name of the server’s hard drive to get a cascading view 
of its contents and then choose “Web Folder” in the list. 
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Privileges 
Enclosed Privileges 


te | Apple Extres 
QR AppleShare iP 5.0 
ey | AppleShare iP Mail Folder 


RY desktop Folder 


FIGURE 4-21: Configuring the share point. 


When a folder—a potential share point—is highlighted in this list, the 
Privileges and Enclosed Privileges buttons become active. The Privi- 
leges button determines what access privileges the selected folder will 
have. The Enclosed Privileges button determines what access privileges 
all folders within the selected folder will have. If you press it, all subfold- 
ers will adopt the privileges of the parent folder. 


Choose the Privileges button here to open the Web Folder’s Privileges 
dialog box (or just double-click on it). 
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Select Privileges 

@ Use enclosing item's privileges 

Set privileges for this item 

@® Moke this a share point and set privileges 


ee ee 


Show Users & Groups List 
Owner: [ & Admin 


User /Greup: ] 


avovarehl 


Everyone: 


Meke all enclosed folders like this one 


(_] Can't move, rename, or delete this folder 


FIGURE 4-22: Share point privileges. 


In the Privileges window, choose the Make this a share point and set 
privileges button in the Select Privileges field. The Administrator's 
account name is listed in the Owner field by default. All you need to do at 
this point is change the access privileges for Everyone to Read Only (eye- 
glasses) in the field’s pop-up menu. Press the Save button; then close the 
Privileges window when you have finished. 


Repeat this process for the Pub folder. Once you have done this, you will 
notice that the icons of the two folders in the Disks & Share Points win- 
dow have changed to show that the folders are now accessible over the 
network. 
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Show: @ Disks 
@ Share Points 


y 


MadDog 
Apple Extras 
Cy AppleShere IP 5.0 


QR Appleshare IP Mail Folder 
QQ Desktop Folder 


‘= asta 
shared folder 


te | Retrospect 4.0 folder 


L 
Ea Yeb Folder shared folder 


t 
4 


v7vvvvvvdd 4 


FIGURE 4-23: Folders enabled as share points. 


Why give everyone just read-only privileges? Security. If you are on the 
Internet, these folders will be open to anybody, and some malicious souls 
have been known to upload viruses and other nasty things to unsuspect- 
ing sites that permit write access. In other cases vandals may upload so 
much data to the server that it fills up the hard drive and causes a system 
crash. This is known as a Denial of Service attack. Unless you have a good 
reason for letting strangers upload to your server, stick with read-only 
privileges. (If you need to enable write privileges, get Santorini’s Server 
Tools, discussed later in this chapter.) 


Rather than search through all of the hard disk’s folders to see your 
shared items, you may now press the Share Points button to display only 
these two shared items. 
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Disks & Share Points pf] 


Show: @Q Disks 
@ Shere Points 


b IY Pub shered folder 
b (EY web Folder shered folder 


FIGURE 4-24: Viewing share points only. 


Note: If you were to share the server’s startup volume (“MadDog” in the 
illustrations), all folders on that volume would become shared items except the 
System Folder. 


You may close the Disks & Share Points window. The two new shared 
volumes should now be visible in the Server Info window of the Web & 
File Server application. 


Chapter 4: AppleShare IP File Server ¢ 109 


AppieShere IP Web & File Server 
" AppleShere 5 Server 


Default Zone: Public 
Fite Server vie TCP: Gn FTP: On 
Multihoming: On HTTP: On 


File Server Volumes: 


FIGURE 4—25: New shared items in the Server Info window. 


Enable AFP/TCP 


Next, choose the Web & File Server Settings command under Web & File 
Server Admin’s Server menu bar item. This will open the Web & File 
Server Settings dialog box in the General category (upper left): 


: . —_ = tp ata my ee 5° YF = — 
Faas | ome Tana MaDe e nT, uote ile Gt ae oe aR Cee es 
; General Vv 


At this point, your server is network accessible via the Chooser using 
AppleTalk, a Web browser using HTTP, and an FTP client through 
TCP/IP. If you want to make it accessible to Macintosh users via the 
Chooser and AFP/TCP, select the Enable File Server Clients to Con- 
nect over TCP checkbox. 
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El) SSS Web « File Server Setting = 


| Web & File Servor Nome: [AppleShare Serve] | 
| DiStert Wed & File Server on System Startup 


| Guest Connections: Max 
| File Server and FTP Client Connections: [250 _]Mex 


I Enable File Server Clients to Connect over TCP 


File Server Log On Greeting 


FIGURE 4-26: Enabling AFP/TCP access. 


Now any Mac OS computer with the AppleShare Client version 3.7 or 
above may take advantage of this new AppleShare IP feature. 


Automate Startup 


If you did not tell Easy Setup to start your file services automatically, you 
have another chance to make this happen here. Just select the Start Web 
& File Server on System Startup checkbox. 
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2) 5 web a Ale Serwer Settings 8 


e Server on System Startup 


File Server and FTP Client Connections: Max 


[J Enabte Fite Server Multihomtng (AppleTalk) 
[id Enable File Server Cltents to Connect over TCP 


FIGURE 4-27: Enabling automatic startup. 


Reserve Memory 


Next, choose Cache in the Web & File Server Settings window’s pop-up 
menu. This very important setting determines the amount of RAM 
AppleShare IP uses to pre-load commonly accessed information, which 
reduces the number of calls made out to the hard drive when users 
request that data, and thus makes the server faster. 
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Web & File Server Setting: 


The Web & File Server ceche expands 
watil it eccuptes ali uareserved 
me merry. 


By reserving memory, you meke sure there is 
enough memory to run other applications. 


Reserved memory for other applications: aI k 


Total Available Memory: 34472k 
Maximum Cache Size: 30376k 


FIGURE 4-28: Setting aside some RAM. 


By default, AppleShare IP gradually grabs all available RAM, leaving just 
1 Mbyte for other applications. This makes the server far faster than it 
would be without caching, but it leaves little RAM for other applications 
that might reside on your server, such as Retrospect or Server Manager. 
You will therefore need to add up each application’s memory require- 
ments and make sure that enough RAM is left for them by setting the 
Reserved memory for other applications field. 


Enable Web Services 


Next, choose Web in the Web & File Server Settings window pop-up 
menu. 
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By Enable Web Log 


= — a 


[Sy Current Web Folder: 


§ MedDog:Web Folder: 


= Current Default Home Page File: 
“| MadDog:¥eb Folder:Home.HTML 


FIGURE 4-29: Enabling Web access. 


If you want users to be able to see the HTML pages stored in the Web 


Folder, you must make sure the Enable Web Services checkbox is 
selected here. 


Enable FTP 


Next, choose FTP in the Web & File Server Settings window pop-up 
menu. 
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Web & File Server Settings 


Enabie FTP Service 


[3 Enable Anonymous Log On 


Yeu have onebled anonymous FTP. 
m All folders to which guests heve access will 
be accessible by anyone who can reach the 
FTP port on this computer. This may include 
enyone on your local network, intranet, or 
the Internet, depending on how your network 
is configured. 


Gz 


FIGURE 4—30: Enabling FTP access. 


The purpose of the Pub folder is to provide a safe place in which anyone 
in the world may log in to download files from your organization. To 
really make this possible, select the Enable FTP Services and Enable 
Anonymous Log Ons buttons here. Press the Save button when you have 
done this. 


The “Enable Anonymous Log On” feature is not exactly the same as guest 
access, as I will show you further on. To use an anonymous logon, an 
unknown user must log in over FTP with the account name “anony- 
mous.” It is customary for such a user to use an email address as the pass- 
word. 


— ee ee epee 


SS New Connection... =. ===. | 


| Enter host name, userid, and password (or 
choose from the shortcut menu): 


Host: 
User ID: 


Password: 


Directory: 


Shortcuts: 


FIGURE 4-31: Logging in with Anonymous (via Fetch). 
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This feature is similar to guest access, however, in that any shared item 
on your server that is open to guests is also open to anonymous FTP 
users. Both derive their access levels from your configuration choices in 
the everyone category. 


Note that whenever you make a change to the settings in these dialog 
boxes, the Revert and Save buttons become active. 


To apply your changes, press the Save button. To go back to the settings 
that were there previously, press the Revert button. 


You do not have to press the Save button each time you choose a new cat- 
egory in the pop-up menu. Simply close the Web & File Server Settings 
window when you have finished, and you will be prompted to save all 
your changes. 


That’s all for now. Your server is up and running. Next you will need to 
establish accounts for everyone who will be using it. 


Note: Before subjecting your new file server to a full workload it is wise to test it. 
Enable its basic functions and then let a select group of competent users copy files 
back and forth from it for a week or so. In this way you should be able to identify 
and correct problems before the server becomes a vital component of your 
organization's day-to-day operations. 
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MANAGING USERS AND GROUPS 


By this point, you have made a couple of share points available to anyone 
by assigning read-only access to the everyone category. Naturally, these 
shared items should contain nothing that you do not want everyone to 
see. To share files that are restricted to certain people, you will need to 
create user accounts and passwords for those people. Under AppleShare 
IP, people who have such accounts are called registered users. 


Creating Users 


To create a user account, begin by selecting the Show Users & Groups 
List command from Web & File Admin’s Users menu bar item. This will 
open the Users & Groups List window. 


Last Log On 
Gd Admin Administrator 7/5/97, 1:01 PM 
A) Guest Guest 
Mail Administrator User Never 


2 Users, O Groups | ¢ {ieee 


FIGURE 4-32: Opening the Users & Groups List. 
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If you have upgraded from Personal File Sharing or a previous version of 
AppleShare, your original users and groups will be visible here. 


Press the New User button in the upper left of the Users & Groups List 
window (or press the Command (%)-N key combination). 


This opens an untitled User dialog box with the General category 
selected in the pop-up menu. Type a name or machine designation in the 
Name field and a password in the Password field. User names may be up 
to 31 characters long and are not case-sensitive. Passwords may be up to 
eight characters long and are case-sensitive (resulting in novice user mis- 
take #1). 


You do not have to assign a password, but I strongly recommend doing 
so if your server’s volumes contain anything of value. 


General bd 


(] Program linking | 
1 . 

User may logon ((] Disable log on es of: 

User may chenge pessword 

L] Require new pessword on next log on 


FIGURE 4-33: Entering a user name and password. 


Next, enter a name in the Internet Alias field. The Mail Server uses the 
Internet alias as a user email address. A valid Internet alias must be 
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unique and consist of alphanumeric characters. It is not case-sensitive, 
and some “special” characters are permitted: 


1#S$%Ga'*e*+-/=7> {Fl *_-. 


People may also use their Internet aliases instead of their user names to 
log on to the file server. You cannot type in an Internet alias that is the 
same as the name you typed in the Name field. If you want the two to be 
the same, leave the Internet Alias field empty; then make sure that there 
is aname in the Name field that is valid according to the criteria required 
of an Internet alias. 


L] Enable user to administer the server 


LJ Program linking 


GQ User maylogon [[] Disable logonesof:( 7/ 5/97 | ea 
Gd User may chenge password 
LL] Require new password on alk bal 


Se ocasedinadicillllndinenatetataitendinallinieiesmtaniaatantinentitanstatiaatentaanaetioataatatitaatentaee iia Powe Tras! 


Cs 


FIGURE 4-34: Entering an Internet alias. 


When you have done this, close the window and save the changes when 
prompted. You should now see the new account in the Users & Groups 
List. 
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Users 8 Groups List Fe 


Administrator 7/5/97, 1:01 PM 
Guest 


@ Mail Admini 


Cli G Tom Dell Never 


3 Users, OGroups | 4 i 


FIGURE 4-35: A new user in the Users & Groups List. 


Managing Users 


Several options are available for controlling an individual’s access to 
server resources. By default, all new users are assigned a couple of privi- 
leges automatically. These are visible in the User dialog box when Gen- 
eral is chosen in the pop-up menu. 
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>= ser untitied 1B 


Name: Pesewort: [eooee | 
| Internet aites:[fode) 


| [J Enable user to administer the server 


| (Cl Proprpmn Jini 
| i User meytogon [J Disable log onesof:{ 7/ 8/97 | 


User mey chenge pessword 
|_| Require new pessword on next log on 


FIGURE 4-36: Default privileges for new users. 


Logon Enabled 


Think of this as turning file server access “on” or “off” for a given user. 
Whenever you want to prevent someone from using an account to log on 
to the Web & File Server or Mail Server, simply de-select the User may 
log on checkbox. 


(ey John Larooca Disabled User 
(3 Jon Larson User 


This feature is useful for security. When people leave your organization it 
is wise to remove their accounts immediately so that they do not inad- 
vertently create a break-in point for some hacker. Sometimes, however, 
you will want to preserve these accounts for a while so that their associ- 
ated access privileges may be re-assigned to the users’ replacements. De- 
selecting this checkbox renders the accounts inactive and harmless. 


A related feature is the Disable log on as of [date] checkbox. When 
enabled it allows you to program an account to “time out” at a given 
time. This is particularly useful for temporary users. The account is not 


A 
ST 


Chapter 4: AppleShare IP File Server « 121 


deleted after the specified time has elapsed, but it is made inactive after 
the user attempts to log on beyond the date you have specified. 


Note: The Mail Server will continue to accept mail for this user beyond that date, 


but you will need to re-enable the User may log on checkbox if he or she is going 
to be allowed to read it. 


Passwords 


If the User may change password checkbox is selected, people may either 
create a password, if you did not assign one initially, or change one you 
assigned. If you want people to use only the passwords you assign, de- 
select this checkbox. 


This setting only affects logons from the AppleShare client and client 
email applications such as Claris Em@iler. Users are not allowed to 
change their passwords via FTP. 


If you click on the Require new password on next log on checkbox, you 
can assign simple passwords, such as people’s first names, and then 
require that they be changed to something more difficult when users log 
on the first time. 


This option works only with the AppleShare client, not with FTP, Mail 
Server, or Web connections, so do not enable it for the accounts of non- 
Mac OS users. They might not get the messages telling them that they 
need to create a new password and will get plenty ticked off when the 
server will not let them log on with the password you gave them! 


In addition to these default settings, you have a couple of other choices 
here: 
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Administrator Access 


When you ran Easy Setup, it took the Owner Name and Password of the 
server computer and assigned them as belonging to the AppleShare IP 
administrator (see Chapter 3). With this user name and password, you 
have access to all of the AppleShare IP administrative applications run- 
ning locally on the server machine. You also have access to the contents of 
all of the server’s volumes remotely over the network, whether or not they 
are designated as share points. In the world of AppleShare, thou art God! 


User: untitied 1 


| Name: | Juliana Carnes Dell Password: [eccee | 
Internet Alies: [Jods 


_ Pi User may logon [J Disabte log on as of: coang 
[ij User may chenge password 
ou ea ieacand PeaieC CT i ha 


FIGURE 4-37: Additional privileges for new users. 


You can bestow server divinity on others by selecting the Enable user to 
administer the server checkbox, thereby creating “super users.” This fea- 
ture permits you to share administration duties with other worthy souls, 
which is particularly handy when you go on vacation and need to give 
someone else administrative access to the server but not necessarily to 
your email. 


This very powerful feature should be used carefully. If you enable it for 
the wrong people, you run the risk that they will see something they are 
not supposed to have access to or even delete something inadvertently. 
At the very least, it may confuse them when they see entire hard disks in 
their Choosers instead of the shared items they have grown accustomed 
to seeing. 
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se AppleShare 5 Server eal AppleShare 5 Server 
Select the items you want to use: Select the Items you want to use: 


Mac OS 7.6 
MadDog 


Mac OS 7.6 


Pe 
O 
O 


Pub 
Web Folder 


Checked Items ( £1 } will be opened at Checked items ( & } will be opened at 
system startup time. system startup time. 


FIGURE 4-38: What a “super user” sees at login versus what a normal user 
sees at login. 


Program Linking 


Program linking, a feature of the Mac OS since System 7, permits applica- 
tions to share information and commands either locally or over the net- 


. work. If an application that takes advantage of this feature is running on 


your server, you can allow applications on client machines to communi- 
cate with it by enabling the Program linking checkbox in a user account. 


Exercise caution when enabling this function as well. Program linking is 
commonly used by remote administration applications that can pose a 
security risk in the wrong hands. For that reason, think of it as unneces- 
sary unless you know exactly how and why it is being used. 


Comments 


Are you finding some of this user-based information hard to keep track 
of? No problem. AppleShare IP’s thoughtful engineers have provided a 
place for you to organize little details. Simply choose Comments in the 
pop-up menu and leave yourself, or other administrators, some notes. 
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Cass has moved to Minneapolis, so she won't be needing 
this eccount anymore. That's why | disebled the logon. 
Don't delete it yet, however. | want to reassign the 
privileges to Cass’ replacement. - Admin 


FIGURE 4-39: Leaving yourself a note. 


You can type up to 255 characters here. 


By the way, once you have created a user, you do not have to open its dia- 
log box each time you want to change its attributes. Just choose a com- 
mand under Web & File Server Admin’s Users menu bar item. 


ita Window 


Show Users 0 Groups List su 


New User... eth | 
New Group... 86 
Open Selection... #0 
Duplicate User #0 
Duplicate User Muitipie... 
Delete Users/Groups... 


| Administer Server... 


Log On Privileges... 
Schedule Disabled Log On... 
Progrom Linking... 


Change Password... 
Require New Peseword... 


FIGURE 4—40: Changing attributes from the Users menu bar item. 


Attributes 
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Special Accounts 


In addition to the accounts that you create as server administrator, Apple- 
Share IP creates three accounts of its own. 


gg ES ae DRT Sy ee ei ee 


= = = - - rar = 7 7 zr] CR Tae’ 
i : aon mar Wa | ee ede Sas 
= tHeore @ Grmine < 
SSS ae - Rae ete ba ——— 
i Y casas pa, ee AY AT, PEP or outset a —. 


Administrator 7/8/97, 3:33 PM 
Guest 
User 


3 Users, OGroups | 4m 


FIGURE 4-41: Special accounts created by AppleShare IP. 


Administrator. This is a special account designed for use by your 
organization’s server administrator—presumably you. It takes its name 
and password settings from the information you entered during the 
server's setup. I used the generic name “Admin” in my setup (see Chap- 
ter 3), but you might have used your own name. With this information, 
you can mount the server's entire hard drive on the desktop of a remote 
computer, see everything in it, and make changes to anything on it. 


Although I am the administrator of my company’s AppleShare IP servers, 
I have chosen not to use my name in the administrator account. By giving 
this account the generic name “Admin,” I have separated my network 
identity from one of my job functions, so I can hand over access to the 
servers to someone else without also handing over access to my email. 


Any super users you create will be listed as “Administrator” under the 
Users & Groups List’s Kind column. 
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E 


io 


Mail Administrator. This is a simple user account created to receive 
notifications from Internet-based email servers of email-related problems. 
Any email sent to the address of “Postmaster” should go here. 


Guest. This account is for individuals who do not have their own 
accounts on your AppleShare IP server but with whom you still wish to 
share files. 


al User: Guest SSB 
[i Enable Guest Access to the Web & File Server 


(-] Enabte Program Linking 


FIGURE 4-42: Enabling guest access. 


This so-called “guest access” can be a very dangerous thing if not managed prop- 
erly! 


Remember the everyone category? Everyone is not the same as anyone 
unless you enable logon privileges for this special account. Without guest 
access enabled, everyone means “any registered users.” With guest access 
enabled, everyone means “any registered users and anybody else!” 


If you allow guest access: 


e Anyone on your local network can log on to the Web & File Server 
using the AppleShare client and gain access to any shared item that 
permits everyone privileges. 


e Anyone on your local network or on the Internet can use a Web 
browser to view the pages in the Web Folder, assuming that you have 
enabled the Web Folder’s privileges for everyone (as we did earlier in 
this chapter). 
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Connect to the file server “AppleShare 5 Server” 
as: 

@ Guest 

@ Registered User 


FIGURE 4-43: Logging on using guest access. 


If you do not permit guest access, only registered users will be able to log 
on to the Web & File Server or read your Web pages. This makes for a 
more secure server. However, if you disable guest access... 


No one on your local network can log on to the Web & File Server 
using the AppleShare client and gain access to any shared item unless 
he or she has a registered user account, even if the shared item per- 
mits everyone privileges. 


No one on your local network or on the Internet can use a Web 
browser to view the pages in the Web Folder unless he or she has a 
registered user account. 


Anonymous FTP users on your local network or on the Internet will 
be able to access shared items that have everyone privileges enabled. 
Whether or not you enable guest access, it will have no effect on whether or 
not Anonymous FTP access is allowed or denied. This is an important dis- 
tinction that many administrators who have been using AppleShare 
3.x/4.x might not realize. Anonymous FTP access is allowed or 
denied in the Web & File Server Settings dialog box (which we set 
earlier in this chapter). For maximum security, it is no longer enough 
to simply disable the logon privileges of the guest account. You must 
disable Anonymous FTP access as well. 


Confused? Worried? Don’t be. Here are some simple rules: 
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If you wish to maintain maximum security, disable both guest and 
anonymous FTP access. 


If you wish to permit outsiders to browse your Web site, permit guest 
access but allow only read privileges in the everyone category of the 
Web Folder. 


If you wish to allow outsiders to download software from your 
server via FIP, enable Anonymous FTP access but permit only read 
privileges in the everyone category of folders containing public data. 
I further recommend that you confine this access to a single Pub 
folder. 


If you wish to allow outsiders to download software from your 
server via AFP/TCP, permit guest access but give them only read 
privileges in the everyone category of folders containing public data, 
such as the Pub folder. 


If you enable either Guest or Anonymous FTP access, do not assign 
privileges in the everyone category for any folder that contains data 
or software that you do not want shared with strangers. 


You can quickly tell if your server is open to guest and anonymous FTP 
users by looking at the Web & File Server Activity window. 


SSS Web 6 File Server 0h Fi 


Name: AppleShare 5 Server 


Anonymous FTP Log On: Enabled 
3 Guest Access for Web & File Server: Enabled 
day br:min) 
Connection Type Connected For 


FIGURE 4-44: Guest and Anonymous FTP listed as enabled in the Web & File 


Server Activity window. 
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Duplicating User Accounts 


If the settings you have established for one user will be common for oth- 
ers, you can save some time by duplicating that account. To do this, select 
the user that you want to copy from the Users & Groups List, and choose 
the Duplicate User command from Web & File Server Admin’s Users 
menu bar item (or press the Command (3)-D key combination). 


Administrator 
Guest 

(3 Juliens Del! User 

(9 Mail Administrator User 


(® Scion People Group 
(3 Tom Dell User 7/7/97, 9:21 PM 
User 


FIGURE 4—45: Duplicating a user. 


The new user will have the word “copy” appended to its name, and will 
contain the same settings for general privileges, comment, and group 
memberships. You need only edit the Name, Password, and Internet 
Alias fields. 


130 « AppleShare IP 


User: Tom Dell copy 


co 
i 
{ 


| Name: 7 Tom Dellcopy Password: 
Internet Alias: | trdelicopy | 


| (_] Enable user to administer the server 
(C] Program linking | 
[User may logon [] Disable log on es of:{ 77 9797 | mea. 
Bd User may change password 
(J Require new password on next log on | 


FIGURE 4-46: Editing a duplicated user account. 


If you have many new user accounts to create, all of which will share the 
same privileges, you can save still more time by creating one user as a 
template and then creating multiple duplicate users. 


To do this, select a user you want to duplicate in the Users & Groups List; 
then press the Duplicate Users Multiple button (or choose Duplicate 
User Multiple from Web & File Server Admin’s Users menu bar item). 


= = Jsers 8 Groups List aS 


©) (a [ User Multiple.. | 


This will open the Duplicate User Multiple dialog box, where you add the 
names and passwords for the new users and press the Add button after 
each one. 
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User-Specific Access Privileges wil] net be copied. 


The new user will have access to folders through duplicated Group Memberships 
only, User-specific eccess privileges ere allowed through the folder’s Privileges 
window. 


| anaes atm mam re AN RAN a i er emer A RAI ESR Wy EOL + + gn meme llr ANAR NA NONAANARRARRAAN Aare AMR thm ws street 


{i Duplicate General Attributes - BJ Duplicate Group Memberships. 


Bd Duplicate Comments 


FIGURE 4-47: Adding multiple duplicated users. 


When the Duplicate General Attributes checkbox is enabled, the new 
accounts will contain the same settings as those of the first user in the 
User dialog box’s General category. 


Ne a A a Rn AT OORE, ere 


——— = Phil Zoro fs 


ann ae a alae === Uien. rancor hastens 3 A CN PN aN RATER: TER ttc 


General ee Si 


Name: [Phil Zerboules =| ~Password:[eee —| 
internet Alias: | cass_kovelcopy2 


(] Enable user to administer the server 
CJ] Program linking 


[ig User may logon (] Disebte log on es of: [79797 |} 

[i User may chenge pessword 

CJ Require new password on next Jog on 
c 


FIGURE 4-48: Duplicated general attributes. 
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If you de-select the Duplicate General Attributes checkbox, each new 
user will get only the usual default settings, User may log on and User 
may change password. 


However, whatever information you may have typed in the Comment 
window in the first user’s dialog box will not get copied over to the others 
unless you select the Duplicate Comments checkbox. So too with group 
memberships. Select the Duplicate Group Memberships checkbox to 
duplicate these. 


Once you have done this, press the Create button. The new accounts will 
be added to the Users & Groups List window. 


The duplication process does have a down side. Each duplicated account 
takes on an incremental adaptation of the first user’s Internet alias. You 
will have to go back and edit all of these. 


User: Phit Zarboules SS 


Name: | Phil Zarboules Password: 


i 

} 

5 Soe Alias: | cass_kovelcopy2 —__ 
| 

, : 


(J Enable user to administer the server 


| 
| (J Program linking : 
i [J User may togon (_] Disable log on a9 of: mac] 


Pg User may change pessword | 
i Lela Tee Renan | 


FIGURE 4-49: The duplicated Internet alias. 


One of the pluses of the duplication process is that new users will not 
adopt the access privileges of the first user to any folders that the first 
user created. That means that you do not have to worry about letting a 
whole department into a private folder simply because you used that 
folder’s owner as your template. The only access privileges new users 
will be granted come automatically from their group memberships. 
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Creating Groups 


To provide server volume access to a number of individuals, you must 
make them a part of the same group account. You may then assign this 
group to the user/group category of a shared item, associating it with 
whatever privileges you want its members to have. 


Users & Groups List 


@ Usa enclosing item's privileges 
@ Set privileges for this item 
. & Make this a shere point and set privileges 


ke a Show Users & Groups List 


Fr:  Mmin lar [~] 


User /Greup: tcc [— [y] 
Eyergone: [— [-]} 


: El enclosed folders like this one 


} [J Can't move, rename, or delete this folder 


ee a 


FIGURE 4-50: Assigning a group share point privileges. 


Over the years I have seen people use groups many different ways. The 
most common is to create a group for each department or job function, 
such as management, accounting, sales, engineering, and so on. At 
schools, popular group names include administrators, teachers, and stu- 
dents. This works well in most cases, since access privileges differ greatly 
by function. The people in accounting do not want people from sales dig- 
ging around in their folders. The teachers want to keep things away from 
mischievous students. 
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Another method that works well is to create groups for individuals who 
work together on the same data. This works nicely when individuals 
from many departments are involved in the same projects. 


Some organizations create groups for users of different computer types, 
such as PowerMac users, 68K Mac users, and PC users. That way, admin- 
istrators can be assured that users will always run the correct version of 
the software application being downloaded from the server. 


Other organizations create groups for geographic locations, which is par- 
ticularly useful when a WAN is employed. Users in the “San Francisco” 
group might have full access to software resident on the local server but 
not to applications on the server in Tokyo. It would not do to have an 
uninformed user booting up Adobe Photoshop over the T1, would it? 


The groups you create will be unique to your computing environment 
and the way your users work. You will probably want to create a number 
of different grouping schemes. 


To create a group, begin by opening the Users & Groups List window. 


Last Log On 
Administrator 7/8/97, 3:33 PM 
Gy Suest Guest 
(3 Mail Administrator User Never 
(3 Tom Dell User 7/7/97, 9:21 PM 


3 Users, GO Groups | ¢ |e 


FIGURE 4-51: Opening the Users & Groups List. 
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Next, press the New Group button in the upper left of the Users & 
Groups List (or press the Command (3)-G key combination). 


Users & Groups List 


This opens an untitled Group dialog box with the General category 
selected in the pop-up menu. Here, type a group name in the Name field. 
It can be up to 31 characters long, but should not contain spaces or special 
characters if you will be running the Mail Server over TCP/IP. 


SS" group: untied 1 =a 


General Vv 
Name: | Scion People 


FIGURE 4-52: Naming a group. 


To add users to your newly created group, simply drag their names from 
the Users & Groups List into the scrolling field of the Group dialog box. 
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Users & Groups List 


1 Group Members 


Crevert) Cie) | 


FIGURE 4-53: Dragging and dropping users. 


Press the Save button when you have finished. The next time you want to 
add a user to this group, simply drag and drop the User icon onto the 
Group icon in the Users & Groups List. There is no need to open these 
accounts! 


You can also associate a user with a group from within the User dialog 
box. Simply select the Group Membership category in the pop-up menu 
and drag the appropriate group from the Users & Groups List into the 
scrolling field. 
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Users & Groups List 


ae a ar a 


Group Memberships v 


(J Juliana Dell 
(9 Lynn Heiberg 
(3 Mei) Adminis 
(B Micheel Hytog 
Netalie de los 
(H Nick Leu 

(} Phil Zerboule 
(® Scion People 
(9 Shery! Coryet 
(9 Tom Dell 


FIGURE 4-54: Viewing users’ group memberships. 


This also provides you with a list of all the groups in which a user is a 
member. 


Deleting Users and Groups 


Deleting users and groups is a bit more complicated than just trashing 
them. Users will create, and therefore own, many folders over time. 
When you delete a user, someone must take responsibility for all of his or 
her data. 


To delete a user or group, highlight it in the Users & Groups List. Next, 
press the Delete Users/Groups button in the upper left of the Users & 
Groups List (or choose Delete Users/Groups from Web & File Server 
Admin’s Server menu bar item). 
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Users 8 Groups List 


| Users/Groups...] 


AppleShare IP will then ask you who should be given access to that user’s 
or group’s folders. The default is the administrator. 


Are you sure you want to permanently 
delete this user or group? 

Delete: Maizie Gilbert 

The folder privileges of the deleted user or group 
must be reassigned. It may take « few minutes. 


enicescatr ate cbt perhaps treed aaltepet aid ge tL an tit est tot terete iris 


Reassign folder privileges and ownerships 


# Administrator = 
(9 Cess Kovel User Z 
Gy Guest Guest 

(9 Juliana Dell User 

(3 Mail Administrator User 


FIGURE 4-55: Naming a group. 


Press the OK button when you have made a choice, and AppleShare IP 


will transfer the privileges to the remaining user or group that you speci- 
fied. 


Before you delete any user or group, give this some thought: Who should 
take over that entity’s privileges? In some cases it will seem obvious. One 
employee leaves and another takes her place; reassign the privileges to 
that new user. But what if the previous user had personal data in her 
folders that she forgot to delete? Did you just violate her expectation of 
privacy? 


This seemingly innocuous feature touches on some big issues. Who owns 
the data on your server, anyway? How much privacy can an employee, or 
former employee, reasonably expect? 
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Working with the Users & Groups Data File 


All of the information relating to the users and groups you create, as well 
as the server’s Admin key and serial number information, is stored in the 
Users & Groups Data File. 


You may recall from Chapter 3 that I urged you to back this up. You can 
imagine what a pain it would be to have to re-create one of these. As long 
as you have a backup somewhere, you can always replace a damaged 
copy of the file on your server. Make backups often! 


Exporting and Importing Users and Groups 


Once you have your users and groups established, you can export the 
information from your Users & Groups Data File as a tab-delimited text 
file to import into other AppleShare IP servers, spreadsheets, or data- 
bases. 


To begin, open the Users & Groups List and select the users you wish to 
export. You can select multiple users nonsequentially by holding down 
the Command (3) key when you click on them. 


Lunn Hea berger 
1 Administrator 
Michael Hytopeylo: 


Mik lau 
Users, { Groups 


Paar ETE. 


FIGURE 4-56: Selecting multiple users with the Command key depressed. 
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Next, choose the Export Users and Groups command from the File menu 
bar item. When the Save File dialog box appears, name the export file and 
press the Save button. The Export Users dialog box will then appear. 


= Export Users 


—Export Attributes 
| Name: ASIP Export 
Internet Alias 


[-] Comments 
J] E- meit Attributes 


FIGURE 4-57: Choosing which attributes to export. 


If you want to export data in addition to users’ names, select the appro- 
priate checkbox here. (If you choose to export the email attributes, you 
must also select the Internet Alias checkbox.) Press the OK button when 
you have done this. 


The file that is created can be opened with SimpleText or imported into a 
spreadsheet application such as Microsoft Excel or ClarisWorks. 


ASIP Export BB 


[Dan Goldberg DJGoldberg 
Allyson Shields aps 

Cass Kovel cass_kovel 

Dorian Cougias dorian_cougias 
John Larooce hard_rock 
Juliana Dell jcdell 


Lynn Heiberger ELH 
Michael Hytopoulos mikeh 
Nick Lau NLau 

Phil Zarboulas philz 
Sheryl Coryell SCoryell 
Tom Dell trdel) 

Tnm Hessel Hass 


FIGURE 4-58: The exported user names and Internet aliases. 


Chapter 4: AppieShare IP File Server «141 


Not included in this file is any information about the groups these users 
belong to or the access privileges they possess. Nevertheless, it is enough 
to ensure that you have consistent spellings of names across all of your 
servers. 


To import such a file into AppleShare IP, select the Import Users com- 
mand from Web & File Admin’s File menu bar item. When the File Selec- 
tion dialog box appears, choose the file and press the Open button. 


Neme: ASIP Export 


Bg Internet Alies 

{_] Password 

{] Comments 

(] E-mail Attributes 


Duplicate Users 
|: @ Update to selections ebove 2 
@ ignore import attribute selections — 


FIGURE 4-59: Choosing which attributes to import. 


You will be asked which attributes are in the file in addition to user 
names. If a user already exists in the Users & Groups Data File of the 
server to which you are importing a new file, his other attributes will be 
updated by the information in the imported file. If you do not want this 
to happen, select the Ignore import attribute selections checkbox. Then 
only users who do not appear in both places will be imported. 


Select the appropriate checkboxes, and then press the OK button. (Note 
that the Import Users command allows you to import passwords that 
have been added to the text file, even though the Export Users and 
Groups command does not export user passwords.) 


Before proceeding, AppleShare IP will ask you where it should put a log 
file it keeps of the import process. This log contains detailed information 
about the imported users and their attributes, as well as any errors that 
may have occurred during the import. 
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G8 Desktop| + 


FIGURE 4-60: Saving a log file. 


Choose a location and press the Save button. The import process will 


then begin. 


===> Importing Users 
Impertiag Users 


User name: Dorian Cougies 
Number of users imported: 4 


Gn 


When it is completed, AppleShare IP will report its success with another 
dialog box. 


= Import Summary 


importing the users file 
was successful. 


A summery is listed below. See 
the Log File for deteils. 


Summery of Number of Users 


Inthe File: 13 
imported: 4 
Updated: 9 
Failed: O 


FIGURE 4-61: Import Summary dialog box. 
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This feature works not only with export files that originated from Apple- 
Share IP but with imported tab-delimited text files created from any pro- 
gram, so long as the field order is maintained. That means you can bring 
over user information from other non-AppleShare—even non-Mac OS— 
Servers. 


You can also import the users you may have saved in an AppleShare 3.x / 
4.x report (as we did in Chapter 3). This is not a perfect solution, since it 
will not import user privileges and confuses group names with those of 
users. However, it will ensure that you spell everyone’s name right! You 
can tweak the file if you want to add passwords, Internet aliases, and so 
on. 


Note: If you have multiple AppleShare and AppleShare IP servers, the best way to 
meet = 0 this is with Santorini’s Server Manager, covered in Chapter 9. 


BASIC FILE SERVER ADMINISTRATION 


At this point you should understand how to create users, groups, and 
share points—essential tasks in setting up the AppleShare IP server. 
Beyond that are a few other administrative tasks you will need to know 
to keep the server running well from day to day. 


Monitoring File Server Usage 


The file server’s minute-by-minute workings can be seen in the Web & 
File Server Activity window, which is accessible from Web & File Admin. 
Here you can find lots of critical server information quickly. 
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—— ——————————— Web & File Server Activity : 
Btatus: Running Current User Activity: es ro eee 
Name: AppleShere 5 white Set Maximum: Min SD Max 
Anonymous FTP Log On: Enabled 
| Guest Access for Web & File Server: Enabled 
(dey hr:min) (day hr:min) 
Connected User Connection Type Connected For Idie For 


Q Dan Goldberg FTP 0 00:02 0 00:02 
(9 Juliana Dell ppleShare/AppleTalk 0 00:01 0 00:00 
(9 Tom Dell AppleShare/TCP 0 00:04 0 00:04 


FIGURE 4-62: Features of the Web & File Server Activity window. 


The Status line tells when the Web & File Server is starting up, running, 
shutting down, or not running at all. 


The Current User Activity bar tells you how much of the server’s proces- 
sor time is being spent on users’ requests for reading and writing files. 
You can alter this setting by moving the Set Maximum lever. 


The Name line tells you the server’s name as it appears in remote com- 
puters’ Choosers. 


x The first Disconnect button is used to kick a user off the server. The sec- 


ond button can be used to cancel the disconnect command. 


As I mentioned earlier, the Guest Access for Web & File Server and the 
Anonymous FTP Log On lines tell you when nonregistered users are 
being allowed or denied server access. 


The main pane of the Web & File Server Activity window displays the 
names of users who are currently connected and how long they have 
been connected (in days:hours:minutes), and how long users have been 
idle. These users may connect in one of three ways: 
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e FTP: using an FTP client such as Fetch to connect to the Web & File 
Server over TCP. 


e AppleShare/AppleTalk: using any AppleShare client to connect to 
the Web & File Server over classic AppleTalk. 


e AppleShare/TCP: using AppleShare Client version 3.7 or later to 
connect to the Web & File Server using AppleTalk over TCP. 


Web users do not show up here. 


Many of these indicators can also be viewed in Web & File Server's win- 
dows. 


“a AppleShere IP Web & Fije Server 
Cy = AppleShere 5 Server 3 e User: ~~=S«WCermecttion Type: Connected for: idlefor: | 
5 AppleShare/TCP : 
; Default Zone: Public i AppleShare / AppleTalk 0:07 
: le Server vie TCP: On 3 —" 
Multihoming: Off : 


File Server ¥Velumes: 


MadDog 
Mac 0S 7.6 


Romete User Activity: < 


FIGURE 4-63: Features of the Web & File Server’s Server Info and Connected 
Users windows. 


The Server Info window does not tell you when the server is stopped 
because, in that event, this window would not be available! It will tell you 
what zone the server is in, however, and when FTP, HTTP, AppleTalk/ 
TCP, and multihoming are available. You can also see the volumes 
installed on the server and their share points. 
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The Connected Users window tells you who is connected and how, but it 
does not let you disconnect anyone. It lets you adjust the amount of pro- 
cessor power remote users can commandeer from the server’s CPU. 


Maxed Out 


One of the things that you will want to keep an eye on here is the amount 
of sustained user activity. If you see that the Current User Activity indica- 
tor is constantly pegged to its maximum setting, you may need to adjust 
the Set Maximum lever upward. If it rarely reaches its maximum setting 
(as indicated by a red line) and you have other services running on the 
server, you might want to move it down. 


Web 4 File Server Activity 


Current User Activity: 
Set Meximum: Min (jem Max 


If you have moved the Set Maximum lever all the way to the right and 
you still “redline it” regularly, it is probably time to deploy another file 
server and begin load balancing between the two. 


I’m Tickled! 


Another thing you should watch out for is the number of idle users—peo- 
ple who have mounted a shared item on their desktops and are not using 
it. This is a problem for two reasons. First, idle mounted volumes gener- 
ate unnecessary network traffic. AFP constantly sends out “tickle” pack- 
ets to verify that the connection between client and server is still in place. 
Second, they pose a security risk. If a user is away from a desktop com- 
puter and leaves a server volume mounted, some unauthorized person 
can conceivably sit down and start rummaging through your server. 


To eliminate the threat of idle users, simply select their connections in the 
Web & File Server Activity window and press the Disconnect button. 
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Statue: Running Current User Activity: 


Name: “AppleShere 5 Server Set Maximum: Min coerce eee Hes 


“Anonymous FTP Log On: Enabled 
Guest Access for Web & File Server: Enabled 


y Disconnect User... 


This will open a dialog box in which you can tell the person why you are 
doing this and even give them some time to log off (up to 4,094 minutes, 
or 68 hours!) 


"You will be disconnected from 
the file server in minutes.” 


i 


Additional - 


You haven't done anything on the server ina long | 4 
time, 30 we need to log you off | 


FIGURE 4-64: Logging off an idle user nicely. 


Note: On a couple of occasions, I have used this feature of AppleShare to spot 
“unauthorized users.” If you glance at the server and see that Joe Bob is logged in, 
but you know Joe Bob is vacationing in Bali, you might want to log Joe Bob off and 
investigate. Just drop him a little note like: 
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| ta “AppleShare 5 Server in Public" 


You will be disconnected from the file server 
in 1 minute(s) [7:37 PM on 7/9/97]. 


Gotcha. When | find your sorry @#*%! I'm going to 
ripe off your ©@#*%! head and @#*%! You can run 
but you can't hide! Your @#*7! is mine this time, 

buddy! You're over! Toast! History! Bye, bye baby! 


FIGURE 4-65: Gentle admonishment to a suspected hacker. 


If you are very lucky, you will be able to walk up behind the hacker before he 
finishes reading this. If you are very unlucky, you will find out that your boss was 
using Joe Bob's account because he forgot his password. 


Shutting down Service 


You can bring down the server, perhaps for service, by choosing the Stop 
Web & File Server command under Web & File Admin’s Server menu 
bar item (or by pressing the Command (3)-] key combination). Before 
doing so, you will need to log off all of its users whether or not they are 
idle. Therefore, when you choose this command AppleShare IP will 
present users with a dialog box telling them that the server will be shut- 
ting down in 10 minutes. You may adjust the actual delay to between 0 
and 4,094 minutes and create your own message. However, FTP users, 
Web site browsers, and some non-Mac OS users will not receive the shut- 
down message. 
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a inated oFeews ee a a ne nea 


Default Message : 
“The file server is closing 
down in mi nutes.” 


We will need to take the server down this 
afternoon for service. Sorry about the hessle. 


FIGURE 4-66: Warning users that the server is shutting down. 


I recommend that you never set the delay to zero. If you do, users who 
are working at the time will lose any information they have not saved 
locally. 


After you press the OK button, the Web & File Server Activity window 
shows the status of the server as shutting down in however many min- 
utes. If the time delay you chose is greater than an hour, the warning will 
be repeated at the desktop computers once an hour until the final hour. 
After that, it will be repeated every 10 minutes, then at five minutes, then 
at two minutes, and then at one minute. If that does not annoy people 
enough to make them log off, nothing will. Also, nobody can log on to the 
Web & File Server during the final five minutes (except Web users). 


To abort the process, select the Cancel Web & File Server Shutdown 
command from Web & File Server Admin’s Server menu bar item. 


Viewing the Server Log 


In addition to what you can see in the Web & File Server windows, 
AppleShare IP maintains a log of significant events, such as when the 
Web & File Server started up or shut down. This information is kept in 
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the “AppleShare IP Web & File Log” (located in the “AppleShare IP Pref- 
erences” folder in the Preferences folder of the System Folder). 


1 Lee 
eat ea A ee eo 
Fon ae wee, BR Ebi elle dey Bergh tS 


AppleShare IP Web & File Server was started at 8:17:59 PM on 7/9/97 . 
The volume “MadDog” was prepared at startup. 

The volume “Mac OS 7.6” was prepared at startup. 

2 valid server volumes were found. 

AppleShare/TCP service was started at 8:18:12 PM on 7/9/97 . 

Web service was started at 8:18:15 PM on 7/9/97 . 

FTP service was started at 8:18:18 PM on 7/9/97 . 

The volume “Mac OS 7.6” was unmounted at 8:24:54 PM on 7/9/97 

The volume “Mac OS 7.6” was mounted at 8:28:19 PM on 7/9/97 
AppleShare/TCP service stopped at 8:40:02 PM on 7/9/97 . 

Web service stopped at 8:40:03 PM on 7/9/97 . 

FTP service stopped at 8:40:04PM on 7/9/97 . 

AppleShere IP Web & File Server was shut down at 7/9/97 on 8:40:06 PM 


FIGURE 4-67: Viewing the AppleShare IP Web & File Log. 


This text file can be viewed by any text-processing application that can 
read ASCII, such as SimpleText, ClarisWorks, or Microsoft Word. 


They could have made this file a little easier to get to! I recommend that 
you make an alias of it to keep on your desktop or under the Apple (6) 
menu bar item. 


Unmounting Removable Disks 


AppleShare can share both fixed media, such as internal hard drives, and 
removable media, such as CD-ROMs. Under AppleShare 3.x /4.x, switch- 
ing a CD-ROM involves launching AppleShare Admin, “unsharing” the 
disk, and then ejecting it. Under AppleShare IP, you can do it more easily 
from Web & File Server Admin: Highlight the CD-ROM in the Disks & 
Share Points window, then select the Unmount Disk command from the 
Server menu bar item. Any users who were connected to the CD-ROM 
will be disconnected, and the CD-ROM will be unmounted and ejected. 
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Sasuae Users Window 
Start Web & File Server xf 
Stop Web @ File Server %) 
Cancel Web & File Server Shut Down 


Show Web @ File Server Activity SK 


Name 
Show Disks ® Share Points 8L —— 
Privileges... LJ 
> MadDog 


Enclosed Privileges... 


Unmount Disk 
Duplicate Folder... 
Short Name 


Web & File Server Settings... 
Web & FIP MIME Types... 
Reset Cache 


FIGURE 4-68: Unmounting a disk (without unsharing). 


To remount the CD-ROM, put it back in the drive. It will be shared auto- 
matically. 


Setting a Greeting 


If you want people to be greeted by a message dialog box when they log 
in to the file server, type something in the File Server Log On Greeting 
field under the General pop-up menu in Web & File Server Admin’s Web 
& File Server Settings dialog box. 


152 « AppleShare IP 


Web & File Server Setting 


{Ceenerar +} 


Web & File Server Name: (AppleShare 5 Server 
{ 
| Bd Start Web & File Server on System Stertup 


| Guest Connections: Mex 
| File Server and FTP Client Connections: [250 _|Mex 
Enable File Server Multihoming (AppleTalk) 


x Ey ="; ents to Connect over TCP 


FileServer LogOnGreeting XO 
Welcom to Scion Networks __ a 


FIGURE 4-69: Setting a logon greeting. 


You can be creative with this. How about a daily news summary? 


Greeting Message 


Greeti ag: 
Welcome to Scion Networks. Today's News: Stock is 


tuna casserole in lunchroom MIS fired after 
threatening Boss in suspected hacking inokdent.d] 


FIGURE 4-70: Greeting with the day’s news. 


In general, users hate this feature because it generates yet another screen 
that must be dismissed. Even so, it does have its purposes. 


I was training a Webmastering class in Virginia recently when the topic of 
server security came up. One of my students related a story he had heard 
from someone at the National Security Agency. Apparently, a clever 
hacker had breached the security of one of the government's big hosts 
and been caught. In court, his lawyer argued that the hacker did not 
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know he was doing anything wrong. While he was trying various logons, 
there was no indication that the target server was off-limits to him. 
Indeed, when he found the logon that worked the host responded with 
“Welcome to Hewlett-Packard!” It invited him in! 


This story may be no more than rumor, but it makes a great point. I know 
for a fact that when you attempt to log on to many government hosts 
now, you are presented with a very specific explanation of how unautho- 
rized access is illegal and what dire consequences will ensue should you 
proceed. 


If security is paramount at your organization, you might want to use the 
greeting as a warning to hackers or as a reminder to users. 


we "AppleShare 5 Server via TCP/IP" 


Scion Networks. No Trespassing! 


Users: Keep those passwords secret. Loose lips sink 


FIGURE 4-71: Using the greeting as a security notice. 


This message is visible only to users, but you can make similar messages 
for FTP users by modifying the text files in the “FTP Preferences” folder 
(inside the “AppleShare IP Preferences” folder, which is inside the Sys- 
tem Folder’s Preferences folder). These messages are: 


e FTP Connect: seen by users when they establish the FTP connection. 
e FTP Login: seen by those who log in with a user account. 
e FTP Anonymous Login: seen by those who log in via Anonymous 


FTP. 


Each file can contain up to 31 lines, and each line should be no more than 
80 characters long and end with a carriage return to make it compatible 
with most FTP clients. Modifications will take effect after you restart the 
Web & File Server. 
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Enabling Multihoming 


As I mentioned in Chapter 3, your PCI-equipped server can provide 
AppleShare file sharing to as many as four network segments at once. For 
example, if you have an Ethernet network and a LocalTalk network, your 
server can reside on both. Simply attach one network cable to a LocalTalk 
port (Printer port) and another to an Ethernet port. 


[| ot Ethernet =] 


AppleShare IP 5.0 
Server 


FIGURE 4-72: Multihoming on Ethernet and LocalTalk networks. 


AppleShare IP services should not be running when you set this up, so 
stop them if they are. Likewise for any other network services. 


Next, open the AppleTalk control panel and choose Printer Port (Local- 
Talk) from the Connect via pop-up menu. Also choose a zone in the Cur- 
rent zone pop-up menu. 


Do the same thing for the Ethernet port, but make sure to choose a differ- 
ent zone. 
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Now you may close the AppleTalk control panel and save the changes. 


Next, select the Enable File Server Multihoming checkbox under the 
General pop-up menu in Web & File Server Admin’s Web & File Server 
Settings dialog box. When you start the Web & File Server again, it will 
register itself on both networks. 


General v 


Web & Fe Server Hane: 
Ba Start Web & File Server on System Stertup 
Guest Connections: Max 


oe A LAR A Gt AN ARM NN nN ne ame ema 


File Server end FTP Client Connections: {250 | Max 


i... [a Enadle File Server Multihoming (AppleTalk 


Enable Fite Server Citents to Connect over TCP 


File Server Log On Greeting _ 


FIGURE 4-73: Enabling multihoming. 
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Setting Password Policy 


You can allow people to connect to an AppleShare server without pass- 
words, but it is a bad idea in all but the most secure workgroups. If your 
network is connected to the Internet, failure to use good passwords is just 
plain nuts! 


Password protection is your server's first and best line of defense against 
intrusion, data theft, and vandalism. Good passwords—alphanumeric 
codes that are hard to guess—can eliminate the threat from all but the 
most determined hackers. To enhance this protection, AppleShare pro- 
vides you with several controls on password policy. To set these, choose 
Password in the pop-up menu of Web & File Server Admin’s Web & File 
Server Settings dialog box. 


Sa 
[3] Felted attampte-betore 109 on dieebled 
| 45 _—'| Minkmum eheracters {n pesoword : 


File Server 
‘Days until peseword expires 


[J Enebte users to seve password for automatic log on 


[saab Oey see 


FIGURE 4-74: Setting password restrictions. 


Enable the Failed attempts before log on disabled checkbox, and you 
can limit the number of tries someone gets to guess the password of a 
user account before AppleShare disables that account. I recommend that 
you Set this restriction for 3. 
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On the downside, registered users sometimes make mistakes (usually 
because the Caps Lock key is down) and disable their accounts them- 
selves. When that happens, you need to reinstate the accounts by 
enabling the User may log on checkbox (see Figure 4-45). On the upside, 
hackers employing “war dialing”—trying dictionaries full of possible 
passwords—will get just three shots at it before losing their access and 
alerting you to their attempt. 


If you enable the Minimum characters in password checkbox, you can 
require people to use passwords between one and eight characters long. 
It is generally accepted that passwords should be longer than four charac- 
ters: The longer they are, the harder they are to guess. 


This feature applies only to people who log on over AppleTalk or via a 
POP client such as Claris Em@iler. When users attempt to change their 
passwords, they receive a message that a longer password is required if 
theirs is shorter than the required minimum. Unfortunately, some non- 
Mac OS clients will not receive notification that a longer password is 
required. Also, this does not affect passwords that were created before 
you set the restriction. 


An old password is the same as no password at all. After people have 
tacked them up on their monitors, emailed them to each other, and hol- 
lered them across the room, passwords can no longer be considered 
secret. Enable the Days until password expires checkbox, and you can 
require people to change their passwords regularly. Type in the number 
of days to elapse before passwords must be changed. I recommend no 
longer than 90 days. 


This restriction applies only to those who log on via AppleTalk. It does 
not affect FTP users, and the Mail Server allows users to connect even 
when their passwords expire. Also, some non-Mac OS clients may not 
receive notification that the password needs to be changed. 


Finally, if you select the Enable users to save password for automatic log 
on checkbox, users will be able to mount volumes on their desktops at 
startup without entering passwords. It is far more secure to disable this 
ability so that passwords must always be entered. 
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Serialization 


The number of people who may log on to your AppleShare IP server at 
the same time depends on your license. You can increase the number by 
purchasing additional serial numbers that allow additional concurrent 
user connections. Your initial serial number is printed on a card that 
comes in the AppleShare IP box. 


When you purchase additional serial numbers, you will get additional 
cards. To enter the numbers from these cards, open Web & File Server 
Admin's Web & File Server Settings dialog box, and choose Serialization 
in the pop-up menu. 


Web & Fite Server Setti 


Serialization wv 


Name/Phone: | Tom Dell/415-346-9200 
orgataton; [Scion Netware 


Add Serial Number... 


Serisl Numbers Mex Connections 


I= BBB = 2L2=C00=335-000=444=EEE=555 


reer rer rer racer a rib as ns NAAR Sem eh 


FIGURE 4-75: Adding serial numbers. 


Next, press the Add Serial Number button to type in the numbers. Under 
the Max Connections column, you will see how many concurrent user 
connections are allowed under your current license. 
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ADVANCED FILE SERVER ADMINISTRATION 


In the previous section, I described most of AppleShare IP’s vital file 
server management components. These are integral to the product and 
will meet your basic needs. However, there are a couple of add-on prod- 
ucts that I believe AppleShare managers should know about. The first is a 
suite of advanced utilities from Santorini Consulting & Design. These 
server tools bring to the Mac OS a level of server management more com- 
monly found on other platforms. The second is Retrospect, the full-fea- 
tured backup software from Dantz Development that I first showed you 
in Chapter 3. With Retrospect, you can copy data from both your server 
and remote desktop computers using either AppleTalk or TCP/IP. 


Among other things, these products can greatly enhance your server 
security, and that’s always good for enhancing your peace of mind. 


Santorini’s Server Management Software 


In addition to creating user accounts and administering their access priv- 
ileges, one of your tasks as an AppleShare manager should be to track 
and analyze server usage. With the right information you can ensure that 
users get the most out of available resources—an important goal. 
Depending on your organization, it may also be your responsibility to 
“bill back” users and groups for their fair share of server operations. 
Finally, you need to be aware of how the server is being used so that any 
unauthorized activity, such as that of an Internet hacker or a malicious 
employee, can be detected and halted. 


Advanced server management requires information gathering that 
AppleShare IP was not designed to perform. Fortunately, a third-party 
software developer created a suite of products to fill the niche. Server 
Tools, ServerTracker, and Disk Quota, all from the company that created 
Server Manager (see Chapter 9), reports everything you might conceiv- 
ably want to track. Better still, it does it on a schedule, automatically 
informing you of its findings via email or pager. 
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A> 


Server Tools 


The Server Tools Toolbox gives you access to all of its components in 
much the same way that AppleShare IP Manager does with AppleShare 
IP’s parts. However, unlike AppleShare IP, Santorini’s software is not 
based on OpenDoc. 


Toolbox 


QuickMall Notification. PowerTaik Notification 
Diek Audit [Ea] View Pulet 
Monitor changes lo sorve: disks Understand yous sarver's nccens privdeg wa 


Oiek Cleaner Leepiiels 
Clean up clutter on pour server's dicke z Find usets with gues! sccess enabled 


Diek Aeccuntant | Cache Agent 
eet | Accounl for your server's disk epsce Mondor your server's ceche performance 
comr| Space Probe GC. Rebeut Aguwt 
GS | Be alerted to iow dish space siuations Remotely teciart of shul down yous server 
GrachQuard Password Watcher 
Auto@aticalty restat! yout crashed sorre Ostect sltempled break-ins fo pour server 
Tom Dell, Scion Networks 


FIGURE 4-76: Using ServerTool’s main console, the Toolbox. 


The Toolbox also acts as a gatekeeper for messages coming from Server 
Tools modules to you. It is capable of forwarding these messages using 
CE Software’s QuickMail, Apple’s PowerTalk, or ExMachina’s Notify! 
pager gateway. For convenience, Server Tools comes bundled with Pow- 
erTalk, which, when coupled with StarNine’s Internet Mail gateway (also 
included), can communicate through your AppleShare IP Mail Server. 


Note: PowerTalk is no longer supported by Apple and is not compatible with Mac 
OS 7.6 and later. 


Most of Santorini’s server management software can be used with both 
AppleShare 3.x/4.x and AppleShare IP. In some cases it can also be used 
with Personal File Sharing. 


mt 


we 
tf) 


Dee i me 
ai Was 


Chapter 4: AppleShare IP File Server « 161 


Disk Accountant. Using Disk Accountant, you can see who is using 
what amount of disk space on your server and whether applications or 
documents are the source of that use. 


Disk Audit. Using Disk Audit, you can detect changes that have 
taken place on a server's hard drive between one time and another. This 
will tell you what has been created and what has been deleted most 
recently. 


Disk Cleaner. With Disk Cleaner, you can move or remove useless 
and corrupted files that accumulate on your server’s hard drives over 
time. 


Space Probe. Space Probe has two parts. The first will notify you 
when hard drive space is running low in time for you to take corrective 
measures. The second, called Disk Inspector, can be used to create a 
detailed view of the hard drive's folder hierarchy. 


Password Watcher. Password Watcher keeps an eye out for suspi- 
cious user logons and alerts you when someone might be trying to gain 
unauthorized access. 


ViewPoint. ViewPoint can give you a comprehensive look at what 
resources various users may access on your server’s hard disk and by 
what associations these privileges have been derived. 


LoopHole. With LoopHole, you can scan for potential breaches in 
your network’s file sharing security by hunting for occurrences of guest 
access. 


CrashGuard. CrashGuard automatically restarts the server after it 
crashes or freezes. 


Remote Reboot. This tool has two parts: Reboot Agent goes on the 
server, and Remote Reboot is installed on a remote desktop machine. 
Together they allow you to restart or shut down the server from across 
the network. Remote Agent can also be programmed to shut down and 
boot the server according to a schedule. 


Cache Register. Like Remote Reboot, Cache Register has a server- 
based and a console-based component. It is used to optimize the Apple- 
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Share RAM cache. This is a very handy tool for use with AppleShare 4 
and Pro servers, which do not use caching dynamically. 


ServerTracker. This powerful application records all major file oper- 
ations, as well as the time they occurred and who performed them. 


Disk Quota. Disk Quota allows you to restrict the amount of hard 
drive space users can take up with the folders they own. When they 
exceed the limits you set, you can direct Disk Quota to notify them to 
remove their write privileges, or even to disable their accounts. 


Disk Quota and DiskTracker are purchased separately and can be used 
independently of the main Server Tools package. 


All together, Santorini’s server tools can answer a good number of com- 
mon server administration questions. Here are a few of them. 


Who Is Using the Most Hard Disk Space? 


When it comes to server storage, too much is not enough. It is a comput- 
ing truism that no matter how much hard disk space you have, you will 
fill it up. Often new storage media are required, but sometimes the 
chronic problem can be alleviated by better use of the existing space. You 
can determine which is the case with Disk Accountant. 


There are two buttons in the upper left of Disk Accountant's main win- 
dow. Use the first to generate a list of how many files are in folders 
belonging to each user and group and how much disk space those files 
consume. 


Admin 

Tor Dell 

Phil Zardoulas 
Cass Kovel 

Dan Goldberg 
Juliana Dell 

<Any User> 
Garrett Dell 

Mail Administrator 
Group Mame 


Scion People 
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Disk Usage 
276.2M for 1,098 files. 
93M for 39 files. 
1.6 for 9 files. 
1.3 for 1 files. 
162K for 1 files. 
131K for 13 files. 
OK for O files. 

OK for CO files. 

OK for Q files. 
Direct Disk Usage 
OK for 0 files. 

OK for O files. 


12.9M for 65 files. 
OK for © files. 


FIGURE 4-77: Tracking hard drive usage by user and group. 


The second button in the upper left of Disk Accountant’s main window 
can give you a listing of how much disk space is being consumed by 
applications. 


Server Tools ™ 


Disk Categor u 
= Total Space 
& Free Space 
&> Applications 
[}) Documents 
fa) System Files (startup volume only 
applic Sse) 
& Instaler 


te Speed Demon 

te Retrospect 

S> SimpleText 

th Sxxx/6xxx Tester 
& Timbuktu Pro 


2045.7M 

1141.5 

37.6M for 124 files. 
179.3M for 396 files. 
52M for 443 files. 
Application document usage 
5.1M for 32 files. 
4.8M for 5 files. 
3.8 for 15 files. 
2.6M for 134 files. 
1.2M for 35 files. 
567K for 5 files. 


FIGURE 4-78: Determining what applications are being stored on your server. 
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Suppose that you believe your server is chronically low on hard disk 
space and you think it is time to upgrade it. Before doing this, you should 
generate a Disk Accountant report and look for anything unusual. 


Imagine that you find that most of your users have less than 10 Mbytes 
stored on the server, and that mostly in documents. Two users, however, 
each have more than 500 Mbytes stored there. Much of what they are 
storing there is applications, which should be run from their desktops’ 
hard drives. 


Your first priority should be to talk to the users. You might find that one 
is copying her whole hard drive on to the server as a backup precaution 
and the other has uploaded a bunch of CD-ROM games from home. A 
new server drive might not be required after you reallocate the disk space 


properly. 


You can learn lots of interesting things with Disk Accountant. For exam- 
ple, you may not have known that you had eight copies of Bungie’s Mar- 
athon on your server. (Naturally, at least one is required). Do you really 
want copies of old applications that are not 32-bit clean—and therefore 
will not even run on users’ computers—hogging your hard drive? 
Shouldn't you get rid of those copies of software you know to be illegal? 
(Ahem. That was a rhetorical question.) 


Auditing your server via the Finder can take hours and provides you 
with no documentation. It takes just minutes with Disk Accountant, and 
you can export the data as tab-delimited text, with optional tracking for 
user and group bill-back by Mbyte. 
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Mail Adminiswawr 0 


Group Name Cost (in units) based on direct usage | 
Scion People 0 


FIGURE 4-79: Billing back users and groups for server hard drive usage. 


This type of accounting control is important in any organization, such as 
a Web hosting enterprise, that makes hard drive space available to the 
public or to subscribers. The number that you use in the monetary units 
field can be as simple as the per-megabyte cost of the hard drive or the 
result of a more complicated formula that might include a percentage of 
utilities used, hardware and software maintenance costs, and personnel 
salaries. 


Even if bill-back is not important to you, it is good to generate these 
reports regularly anyway. After a while, you will have a good baseline of 
hard drive usage and can better anticipate when upgrades will be 
needed. (For example, we are adding about 25 new clients a month, and 
they each use 10 Mbytes of hard drive space. Therefore, we will run out of 
space in October.) 


This baseline also provides hard evidence for timing purchases of new 
equipment for a given user or group. (For example, accounting’s use of 
the server increases slowly, and engineering is putting lots of new data 
on the server. Perhaps we should give engineering bigger workstation 
drives or their own workgroup server before we upgrade the machines in 
accounting.) 
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Note: Disk Accountant bases its usage statistics on users and groups with explicit 
ownership of server folders. If your server’s folders are all set up with the 
administrator account as owner—an intelligent choice—all space usage will be 
attributed to the administrator. You have to give individuals ownership of their 
own server-based folders for this tool to be useful. Fortunately, whenever users 
create folders on the server hard drive they are automatically assigned the owner 
privilege by default. 


How Many Files on the Server Are Worthless? 


Disk Accountant gives you an idea of how much data you might safely 
remove from your server’s hard drive. Disk Cleaner lets you perform the 
actual removal. 


for... 
[4 Orphaned Aliases Files Dormantfor [4 _ | 
(4 Duplicate Applications heh uta des Masuli eS oanatena 
(j Duplicate File Names 
4 Bad File Dates wep ycieiacata tesa tescacenss 
Missing Applications Cj Locked Files 
Empty Files Untitled Files 
(4 Empty Folders (4 Temporary Files 


Cj Files Changed since 
E4177 £997 4DEDE PR 


Temporary Files 

What it does: Looks for files with “Temp” in their names. 

Benefits: Some applications create temporary files and fait to dispose them. This will help 
you find and delete them. 


FIGURE 4-80: Locating a candidate for removal from the hard disk. 


Over time your server can accumulate hundreds of useless folders and 


files that hog space and can cause erratic server behavior. Disk Cleaner 
shows you many of these: 


Chapter 4: AppleShare IP File Server « 167 


e Orphaned aliases: aliases that have lost their targets and will no 
longer launch them. 


¢ Duplicate applications: redundant programs stored in more than 
one place on the server hard disk. 


e Duplicate file names: files with the same names as other files, caus- 
ing confusion and making document version control difficult. 


e Bad file dates: files with creation or modification dates that are inac- 
curate (Ever wonder where those files created in 1906 came from?), 
which confuse synchronization and backup applications, and are 
often corrupted. 


¢ Missing applications: files created by applications that no longer 
reside on the server, perhaps because they were obsolete and you 
deleted them. 


e Empty files: files that contain no data. 


e Empty folders: folders that contain no files. You might be amazed at 
how many of these are created by Mac OS novices. 


e Locked files: some are locked for a good reason, but others are old 
applications that were not deleted because the people who wanted to 
get rid of them did not know to hold down the Option key while 
selecting Empty Trash to override the locking feature. 


¢ Untitled files: called “untitled,” a sure sign that you have novice 
users on your network. 


e Temporary files: usually swap files that were not deleted as 
intended, perhaps because of a severed network connection. 


You can search the entire hard drive for these files, or limit Disk Cleaner’s 
attention to those that have been opened after a specific date, by using the 
Files changed since checkbox. Another option, the Files dormant for 
checkbox, lets you scan for files that have not been opened for a specified 
period of time and are thus good candidates for archiving. 


Note: Be careful here. The modification dates on templates, perhaps the most 
commonly used documents on your network, do not change. 
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Disk Cleaner will generate a report of these conditions and then let you 
make changes to the hard drive. If you need more information about a 
suspect file, use the Get Info button. Otherwise, use the Delete, Copy to, 
or Move to buttons to remove or relocate files. The Redirect button 
restores the target to an orphaned alias. 


FO Recent Documents :AppleShare 3 Se... Export. TABTEXT -> AapleShare 5S Server. Madlog..,.|'s 
©) DC Recent Documents :ASIP Export > AppleShare 5 Server :ttadDog.... :ASIP Export 

D Recent Documents :Juliana’s PB Backup ~> AppleShare 5 Server -MadDog:... Juliane’s PB Bat 
©) Co Recent Servers Mac 7200 HD > AISS: Mac 7206 ND :... Mac 720C HD 

© © Recent Servers ‘Mac Ilex HD > AppleShare 3 Server: Mac tlox HO :.. Mac tlex HD 


FE) © Recent Servers Pub — Tom's PowerBook: Pub... Pub 
| DC Lawricher bern: Petras ad) 


FIGURE 4-81: Redirecting an alias that has lost its target. 


Before you use that Delete button, I recommend that you apply the 
Export button so that you can email the report to your users and ask for 
comments. When you delete files that are needed—or perceived to be 
needed—you make some users angry. If you circulate the report and 
inform recipients that the files listed will be archived or deleted unless 
you hear from them by a given date, users can be angry only at them- 
selves if they do not communicate. 


Has Anything Been Added to the Hard Drive? 


The tools I have mentioned so far help you analyze overall usage pat- 
terns. Disk Audit is a tool that lets you get much more specific by allow- 
ing you to take a “snapshot” of your server’s hard drive at various 
intervals. 
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= : Compare Snapshots == 
r-—~--—~ Earlier Snapshot [w]e Later Snapshot [7] ----~; 
i ef: Macintosh HD Pub | 
; 


i 
@f = Macintosh HD Pub 
| 


i taken: 7/17/97 5:20 PM | | taken: 7/18/97 5:11 PM 


Compare Snapshots... 


FIGURE 4-82: Taking snapshots of disk usage. 


By comparing old and new snapshots, you can determine which files and 
folders have been added or deleted from the server, as well as which have 
been moved, renamed, or modified. 


Suppose that you decide to enable write privileges on the Pub folder we 
created earlier so that strangers may upload files to your server. Disk 
Audit will tell you, on a daily basis, what new files have been uploaded. 


————————— Pub 7/17/97" vs. “Pub 7/18 SSS = 


File/Folder 


Pub Note232 


Pub : AFP Engage! 1.0b1 Folder 
Pub -LogDoor PPC 1.1 eval Folder 


FIGURE 4-83: Comparing disk audit snapshots. 
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To make it even easier, you can configure Disk Audit’s schedule to take 
the snapshots automatically on a daily basis and then email you the 
results. 


_ Sanus aon 


DiskAolder to tate cnapshot of: + Time: 6:00:00 PM 


Macintosh HD Pub 7/18/ 1997 


| aa. 199?~7 
tere a) i 


Options 
Bd Use File | Ds 


grsseeaseveononacensctaacsesacoonssvenovanteveseen 


[narepeatevery: [1 ]LOaee) 
cE Compare with last scheduled snapshot and mail me the results. 


ee Di ea ode me REDE eed Ee 


FIGURE 4-84: Scheduling a disk audit to take snapshots automatically. 


How Much Free Space Is on the Hard Drive? 


Since the free space on your server's hard drive can dwindle rapidly 
depending on what users are doing on a given day, it is wise to keep an 
eye on it. Full hard drives tend to cause crashes. It is easy to watch over a 
server's hard drive if you are sitting right next to the monitor. It is a good 
deal harder when the machine is in another room or building. In that 
case, you can let Space Probe watch over it for you. 


With Space Probe’s alarms feature, you can set a threshold for how full 
your server drives get before you are alerted. When usage exceeds that 
threshold, the Server Tools Toolbox notifies you via email or pager. 
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Server Tools™ 


- a oe ees | Disk fiarm » 1% ne 


Volume . _ Used/Total ns 


a) Santor ini Server Software aan 


FIGURE 4-85: Viewing the server’s hard disk space. 


I recommend that you set this threshold at 20 percent. That should give 
you a reasonable amount of time to add space before your server hard 


drive is overwhelmed. 


=} 4 vie Mail Notification 


fe Mf vie Page Notification 


bouissett-sas-ste--tiseitsiitestss isis tesl stitstitsetess|be—bes sretbst pertesstes| set tsstiteti ott Poti sesbeitiet Mstitethesrscseg-ettastosiabiitiitessetectioed pesttnsetssieced bo baslaseites | 


FIGURE 4-86: Setting the alert and notification thresholds. 


Did I Give Users Proper Access Privileges? 


With a companion to Disk Probe called Disk Inspector, you can get a 
directory-level view of who has access to server folders and with what 
privileges. You can also see how big the folders are, when they were last 


modified, and what their Finder labels are. 
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Server Toois™ 


_Volume/Folder _ User /Group 
VY @& MadDog 
> © Web Folder Admin OD 7 Scton People ODA 
4 © Trash Admin OG 7 Admin GB 
CB Tom Tom Dell OB / Scion People 7 
CI Temporary items Admin OB 7 Admin OD 
C3 System Folder Admin ODF Admin OD 
C3 Stationery Admin OD 7 Admin OG 
© Server Management Software Admin OB Admin OD 
C1 Pub Admin OD 7 Scion People COO/ 
CG Phit Phil Zarboulas OO 7 Scion People 7 
(3 Personal Folders Admin OBS - 
C Net install Admin OD 7 Scion People GOO/ 


el oem re 


FIGURE 4-87: Viewing access privileges in the folder hierarchy. 


Like Disk Accountant, this is a time saver. At a glance you can see where 
user privileges need to be granted or revoked. 


Note: Here is a cool feature. Enable Disk Inspector's Show Folder Size option. 
This will add a Folder Size command to the menu bar and let you generate 
estimated folder backup times for both LocalTalk and Ethernet! 


dl 


Server Tools ™ 


| Yolume / Folder __ ___Backup Time over Ethernet ‘ 


VY & Maddog Total Time: 
b Cl Web Folder 
a © Trash 
es Tom 
© Temporary items 
C System Folder 
©) Stationery 
C) Server Management Software 
C) Pub 
CS Phil 
©) Personal Folders 
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b 
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FIGURE 4-88: Estimating server folder backup times. 
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Juliana Dell 
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Dan Gokiberg 
(P Cass Kove! 


FIGURE 4-89: Viewing privilege categories for each shared item. 


ViewPoint gives you another way of viewing server privileges. It shows 
you which users have access to what on the server and by what associa- 
tion access is made possible. Like Disk Accountant, ViewPoint’s main 
window contains two buttons. The first gives you a read-out on who has 
privileges in the traditional “see folders,” “see files,” and “make changes” 
categories for each shared item. The second button shows you how these 
privileges appear to users from their desktop computers. 


I i 
v7 @ Cass Kovel 
ca Client Drop 
ce Juliana 
c> Garrett 


& Dan d 
c Phil Member of Scion People (the user“aroup of this volme/fok 
co Cass Oxwner of this volummt “folder. 

ca Tom Member of Scion People (the user /group of this volume/fold 
co Net Install Mernber of Scion People (the user’ /group of this volume /fold 


FIGURE 4-90: Viewing privileges as users see them. 
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With this tool you can quickly identify potential security breaches that 
may have arisen because inappropriate server access privileges were con- 
figured. 


Suppose that the accounting department just hired a new receptionist 
from a temp agency. You give her a user account and, because she works 
in the accounting department, make her part of the accounting group. In 
so doing you might not realize that you gave a temporary employee 
access to the company’s confidential financial data simply because she 
works next to the people who create it. ViewPoint will show you that. 


Whenever you add a new user and assign access privileges, run View- 
Point to determine what they can see. Look for any security violations. 
When you need to remove a user, use ViewPoint to find out what owner- 
ship privileges the account has so you can determine who is eligible to 
take it over. 


is the Network Secure from Hackers? 


I have known clients who spend a lot of time and money securing their 
servers, but then ignore the desktop computers. Meticulously maintain- 
ing your server's access privileges will not do you much good if regis- 
tered users are permitted to copy private data to their workstations and 
then share those hard drives with Personal File Sharing’s guest access. 


Using LoopHole, you can tell which AppleShare or Personal File Sharing 
machines on your network are running with guest access enabled. Run 
this tool regularly to ensure that people are not accidentally making pri- 
vate data available to the rest of the world. 
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FIGURE 4-91: Looking for guest access. 


LoopHole will also tell you exactly what privileges Guests have been 
given on your servers (in the traditional “see folders,” “see files,” and 
“make changes” format). 


Is the Server Secure from Hackers? 


In the last section, one of the password protections I urged you to imple- 
ment as a matter of policy was the Failed attempts before log on dis- 
abled checkbox. (This can be set when you choose Password in the pop- 
up menu of the Web & File Server Settings dialog box.) The goal here is to 
limit the number of tries someone gets to guess a user’s password before 
AppleShare disables the account. For example, three strikes, you’re out! 
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Web & File Server Settings 


hd [3 _| Failed attempts before log on disabled 
S| Minimum cherecters in password 


— File Server ——________-__-_ 


Days until password expires 


[Jj Enable users to save password for automatic log on 


FIGURE 4-92: Restricting login attempts. 


As good as it is, this method is not failsafe. Any skilled hacker will learn 
from his initial mistake and never trigger this mechanism again. Instead, 
he will attempt two logons, then quit, then try two more, then quit, and 
so on. We call hackers who use this method of attack “nibblers.” 


Password Watcher spots these attacks. It keeps track of all failed logon 
attempts and emails the information to you at scheduled intervals. No 
registered users are going to miss their password all that often, so if you 
see a suspicious number of failed logon attempts you will know that 
something is amiss. 


Server Toois™ 


Users (14) 

g Admin 

gy Cass Kovel 
Dan Goldberg 
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Dorian Cougias 
Garrett Dell 
Jon Larson 
Juliana Dell 
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Sign of Possible Attack 
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Password Watgree 


Password Last Changed On... 
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Wed, Jul 9, 1997 
Tue, Jul 9, 1997 

Mon, Apr 7, 1997 
Wed, Jul 9, 1997 
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Riert Setup... Schedule E-mail Report.. Save Report... 


FIGURE 4-93: Detecting hackers by failed logon attempts. 


Password Watcher supports another element of your password policy by 
letting you know if users are changing their passwords often enough. It 
can send you this information as often as once a minute, giving hackers 
little time to invade your system. Such a short interval is probably exces- 
sive in most organizations. Daily notification should be sufficient. 


Specify when you wish a password report be sent to you: 


| Sun | Mon | Tue | wed | Thu | Fet | Sat | 
3 = H H 2 i 


Time: 9:00:00 A 


Date: 8/ 171997 


Repeat every: fb ] 


FIGURE 4-94: Setting the polling rate for failed login attempts. 


However you set the schedule, make sure to enable the Clear Failed 
Login Counters command under the Preferences menu bar item for an 
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interval greater than the polling rate. That way, Password Watcher will 
not delete evidence of suspicious activity before reporting it to you. 


What Has He/She Been up to? 


Suppose that a hacker has gained access to your server despite your best 
efforts, and has either deleted data from it or uploaded false data to it, 
and maybe even installed a virus. Or suppose a disgruntled employee 
has terminated his employment “with malice” and has systematically 
deleted the files from the server that he knew would hurt your organiza- 
tion most. That is what you have backup tapes for, right? Not exactly. 


Backup systems record data with the assumption that you will know 
what needs to be restored and where. The hard drive crashed, therefore I 
must restore the hard drive. The user deleted her spreadsheet, therefore I 
must restore the document. 


But what if someone deletes or modifies data in multiple locations? It 
might take quite a lot of effort to determine what is missing and separate 
that from what has been legitimately deleted. Even if you restore the 
entire server hard drive, you will still need to preserve however many 
files have been created since the last backup. A day’s work? A week’s 
work? In any case, it means more work for you. 


If the hacker has been at it for a long time, your most recent backup will 
not be as helpful. He might have deleted data a long time ago, beyond the 
range of your current backup, and it simply has not been noticed yet. 


After all is put right, won’t you want to prove who did this? 


In this situation you can use the ultimate AppleShare “Big Brother” appli- 
cation, ServerTracker, which watches all server transactions and records 
the particulars in a log file. This log then gives you an audit trail of who 
created, deleted, moved, renamed, and opened every server-based folder 
and file, and when they did it. 
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Is the Server Up? 


I never saw the real value in CrashGuard until recently. I used to say that 
a well-configured AppleShare server simply should not crash, and most 
of the time they do not. When I started setting up Mac OS-based Web 
servers, however, I found CrashGuard to be invaluable. While Apple- 
Share IP and StarNine’s WebSTAR might be rock solid, that is not the 
case with many of the cool CGIs I want to use. 


If your Web server absolutely, positively has to be there overnight, this 
nifty little tool can save you from a nasty early morning phone call. You 
can set it to restart the server within a given number of minutes after a 
system bomb or freeze, and then notify you of the event. 


:~ bg Restart after Freeze Up 
Inactivity Period: ZO 4 minutes. 


Options 


| i Post Notification on Restart 
| 4 Maintain Log File 


v 2.1 © 1993-96 by Karl Pottte. 


FIGURE 4-95: Configuring CrashGuard to restart your server automatically 
after a freeze. 


These are just some of the questions I have been able to answer using 
Server Tools. You may find many more that are particular to your envi- 
ronment. 


180 « AppleShare IP 


Scripting an Automated Backup with 
Retrospect 


In Chapter 3 I showed you how to create a complete milestone backup of 
your server's hard disk prior to installing AppleShare IP. Now that you 
have AppleShare IP up and running, you will need to perform this proce- 
dure again—regularly! 


I cannot stress enough the importance of regular server backups. I cannot 
tell you how many times I have had a sullen-faced client say to me 
“Thank God we had a backup!” I wish I didn’t have to tell you about the 
red-faced clients who have said, “We don’t have a backup.” Some of 
those ended up fired. On one level, regular backups save your organiza- 
tion a lot of personnel hours that would be wasted in recreating lost data, 
assuming it could even be re-created. On another level, regular backups 
can save that thing you are sitting on. 


I believe that you should back up your server at least daily. Fortunately, 
Dantz’ Retrospect makes regular backups easy by automating the pro- 
cess. There are many ways to set up an automated backup script. I will 
show you my favorite one here. Start with five DATs: 


e The first DAT is used to create a milestone backup, as we did in 
Chapter 3. It is then taken offsite so that if something happens to the 
office before you get the rest of the way through this procedure, you 
can still recover. It is also a good test of your Retrospect installation. 


e The second DAT is named StorageSet A. On the first day of the 
schedule (Sunday in my example) it is formatted and used to create a 
full backup. That is, everything on the server’s hard disk is backed 
up. On the second through sixth days of the schedule, it is used to 
maintain an incremental, or normal, backup. This means that only 
items that are new since the previous day’s backup are copied to 
DAT, a faster process. By the seventh day, I have a full week’s worth 
of server data. I take this offsite for safekeeping. 


e The third DAT is named StorageSet B. On the eighth day of the 
schedule (the next Sunday) it is formatted and used to create a full 
backup. For the next six days it is backed up incrementally. This tape 
is taken offsite on the following Saturday. 
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e The fourth and fifth DATs are named StorageSet C and StorageSet D, 
respectively, and used the same way: one full backup, six incremental 
backups, then offsite. 


e At last, the first DAT, StorageSet A, is brought back onsite to receive 
another full backup (which erases its previous contents). The cycle 
then repeats. 


Under this plan, the most data that could be lost if the server hard drive 
crashed would be one day, the interval since the previous backup. The 
most that could be lost if the entire office was destroyed would be one 
week, assuming that the disaster occurred on a Saturday (the interval 
since the previous StorageSet had been used). Finally, any file destroyed 
or lost at any time in the previous 30 days would be recoverable. 


For added security, I can also slip in a fresh tape for one of the StorageSets 
every month. That gives me an archive of server data that can span years. 


Here is how you would set up this script in Retrospect: 


Schedule unattended beckups or other operations 


Check a script 
Confirm thet o script ts ready for unattended operation 
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Preview 


FIGURE 4-96: Selecting the Scripts button. 


Launch the application and press the Scripts button under the Automate 
tab in the Retrospect Directory window. This will open the Script Selec- 
tion window. Press the New button to create a script. 
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No Scripts are defined. 
Please click Mew... to create one. 


A | mea ER | MRS opr «ARAM, 

Fast copying of a desktop disk or folder 

Set up Macintosh as network backup server 
Copy files with optional move 

Automate restore operations 


You will be asked what kind of script you wish to create. Choose Backup 
from the list and press the OK button. You will be asked to give the script 
a name. Do so and press the New button. 


| ie Please neme the new Script: 
ee 


Daily Rotational Backup 


(cmc) (ee) 
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Sources 


As was the case in Chapter 3, the first criterion you will choose is the 
source of the backup. Press the Sources button. Select the server’s hard 
drive in the Volume Selection window and press the OK button. 


® Juliana's PowerBook 


© Production 

© SMTP/POP 

@ Tom's PowerBook 
Source Groups 


FIGURE 4-98: Selecting the server hard drive. 


Confirm that the correct disks were selected when the next dialog box 
comes up; then press the OK button to continue. 
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12) Source Volumes for Backup... 
es 


Drag icons to change the order. 


Destinations 


Destinations Cj (no StorageSets chosen) 


Selecting {J All Files 


Options [_} Verification On 


Schedule (J (no destination Stor ageSets chosen) 


Next you will be asked to select the destination of the backup. Press the 
Destinations button. Here you will need to create StorageSets for each of 
the five DATs. Press the Create New button in the StorageSet Selection 
window to begin. 
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‘s ena eee More... to use others 
@@ Milestone 4/10/97 7/35/97 | >| 


FIGURE 4-99: Selecting Create New in the StorageSet. 
In the StorageSet Creation window, make sure that the correct storage 


type has been chosen and name the StorageSet. 


42) Creating a StorageSet... 
t/a «These creation options cannot be changed later : 


Storage type: | SCSI Tape Drives | > 


For DAT, DLT, 8mm, TEAC, QIC, DC2000, ete. 
Data may span multiple tapes ; a catalog is kept on the hard disk 


Seaty 
No Password /Enoryption specified 


Data Storage: [4 Allow Hardware Data Compression 
Used when available, overriding software compression 


Name: {|StorageSet 4 


" Used to name each tape in the Stor ageSet 


FIGURE 4-100: Naming the StorageSet. 


Please enter again to confirm: 
= ia 
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If security is an issue for your organization, press the Secure button to 
establish a password and/or encryption as well. Then press the New but- 
ton. You will be asked where the StorageSet catalog should be stored. I 
usually select the Retrospect folder. 


After you have saved the catalog, the new StorageSet will be listed in the 
StorageSet Selection window. Repeat this process until you have created 
all four StorageSets. 


is Destination StorageSets... 
——a 


Choose/Create a StorageSet, or More... to use others 


Milestone 4/10/97 7/5/97 | 4 
StorageSet A 


StorageSet B 


StorageSet C 


FIGURE 4-101: Viewing the newly created StorageSets. 


Press the OK button in the StorageSet Selection window when you have 
finished. Then choose all four StorageSets in the subsequent dialog box, 
and press the OK button here to add them to the script. 


Ke) Destination StorageSets... 
ey Drag toons to ohange the order. 


StorageSet A 
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Selections 


Your next task will be to identify the files you want to back up. Press the 
Selections button. The default is All Files. I recommend that you keep 
this. 


| Destinations (__}. G9 Storageset A 
Stor ageSet 
EB StorageSet C 
Stor ageSet D 


Options (_} Verification On 


Options 


Now there are a few procedural options to consider. Press the Options 
button. Verification On is chosen by default. This is used to compare 
backed up data with source data to determine that the duplicate was cop- 
ied correctly. 


. Stor ageSet B 
ED Stor ageSet C 
EB Stor ageSet D 


All Files 


Schedule (_} (not scheduled) 
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JB Rider sheet 


Verification 
After copying, compare each file with the original. 


(4 Data Compression Qn software) 
Sometimes slower , but requires as little as half the space. This option is 
aurtomatioaTly disabled if the storage device uses hardware compression. 


FIGURE 4-102: Selecting the More Choices button. 


Next, press the More Choices button. Additional options will appear. 
Select the AppleShare item here. 


2) Options for Baciasp... 
i Use the lst box to seleot an Options Group. 

AppleShare Options... 
AppleShare 
Catalog 

(4 Lock out volumes during backup 


Matching 
Compression For AppleShare servers, version 2.0 and later. As each volume is backed 
up, disconnect tts users and disable scoess until done. 


Source 


Citent Execution Warning time in minutes : 


Ctient System 


Preparing to back up server volume ~« volume» ”. Please 
close amy doournents you're using on that volume and drag the 
volume toon to the Trash. 


FIGURE 4-103: Locking out AppleShare volumes. 
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If people have files open on the server when Retrospect executes its 
script, these files will not be properly backed up. By choosing the check- 
box here, you can lock users out of these AppleShare volumes so that 
data integrity is maintained. 


Schedule 


The last step is to establish the backup schedule. Press the Schedule but- 
ton. Next, press the Add button to create the first schedule. 


Not currently scheduled. 
Click Add to create a Scheduler. 


FIGURE 4-104: Creating a new schedule. 
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You will be asked if this schedule is for a certain day of the week, an 
interval that repeats, or one time only. Choose the Day of the Week 
option, which will open a window in which you can specify when repeat- 
ing backups should occur. I want a full backup to occur each Sunday, so I 
make that the first date. I want it to happen at night when no one is 
around, so I select 10 P.M. as the time. This StorageSet will be used 
monthly, so I make four weeks the repeating interval. 


We) Add what kind of new Scheduler? 


pie | 
@ Dey of Week Run on the specified days of the week 


Repeating Interval Run at any requiar dathy ‘weekly ‘monthly interval 
@ Single Date Run onee on a partioular date 


== Dally Rotational Backup:Day of Week 


Do Full Backup to Gp) StorageSet A Every 4 weeks on Sunday, 
starting 7/13/97 at 10:00 PM [ox | 


7/13/1997 Sun 10:00 PM 


: (J Monday CL} Saturday 
C] Tuesday Sunday 
(J Wednesday 
[} Thursday 
[] Friday 


FIGURE 4-105: Scheduling a full backup. 


Press the OK button when you have finished. The new schedule will 
appear in the Schedule Selection window. Press the Add button and 
repeat the procedure. 
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Full Backup to GP StorageSet A 
7/18/97 10:00 PM 


Do Norms] Backup to GP SterageSet A Every 4 weeks on 
MTWTFS, starting 7/14/97 at 100 PM 


FIGURE 4-107: Scheduling a normal backup. 


This time, I want a schedule to handle the normal backups the rest of the 
week. I begin on Monday and select the checkboxes for Tuesday through 
Saturday as well. Now I have schedules for all seven days of StorageSet 
A’s run, and that schedule will repeat every four weeks. 
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TH3/97 Full Backup to G9 SterageSet A 

TH14497 Normal Backup to Gj SterageSet A 
7/15/97 Normal Backup to Gi SterageSet A 
7/16/97 Normal Backup to (& StorageSet A 
VITVA9T Normal Backup to G9 SterageSet A 
7/18/97 Normal Backup to G9) StorageSet A 


FIGURE 4-108: Schedules in the backup script. 


Repeat this procedure for the other three StorageSets. You may then close 
and save the script. 


There are easier ways to do this, but I think this best familiarizes you with 
Retrospect’s scripting functions. If you restart the server computer, Retro- 
spect will enable an extension that permits it to launch itself according to 
schedule and execute your instructions. Just be sure that the right DAT, 
or a blank one, is in the drive. 


Note: Dantz is one of those vendors that takes the time to write a good manual. 
You will find a wealth of information there. 


Remote Backups 


Retrospect is a great application for backing up a server locally. Its real 
claim to fame, however, is its ability to backup remote computers across 
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the network, made possible by the Retrospect Client, a small responder 
application that communicates with the main application on your server. 


Using Retrospect Client, you can choose the hard drives of workstations 
on the network as easily as you choose the server's hard drives. They can 
be added to the script you just created, and either AppleTalk or TCP/IP 
can be used to carry the backup traffic. 


Gd Juliana’s PowerBook 
BB Production 

@ smtP/Por 

GB Tom's PowerBook 


FIGURE 4-109: Viewing Retrospect clients on the network. 


This is an option I highly recommend. Why just protect the data on your 
server when you can protect the whole network? 


Adjust RAM Allocation 


Retrospect is designed to operate in a minimum of 2,100 Kbytes of RAM, 
but because of the large number of files usually stored on a server drive, 
it often must be given more. This can be done by selecting the Retrospect 
application and choosing Get Info from the Finder’s File menu bar item. 
Here, increase the number in the Preferred size field. 


194 « AppleShare IP 


@& Retrospect 
Retrospect 4.03 
Kind: application program 
Size: 2.5 MB on disk (2,684,771 bytes 


use’ 
Where: MadDog: Retrospect 4.0: 


Created: Sat, Jun 14, 1997, 9:00 AM 
Modified: Sat, Jul 12, 1997, 5:14 PM 
Version: 4.0i, © Dantz Development 
Corporation 1989-1997 
Comments: 


r-Memory Requirements —--—-; 
i Suggested size: 2100 


K 
Minimum size: K 
Preferred size: K : 


Note: Memory requiremé 
842K if virtual memory is turned off in 


the Memory controt panel. 


FIGURE 4-110: Adjusting Retrospect’s memory allocation. 


Dantz recommends the following memory allocations: 


Files/Folders Memory 

5,000 2,700 Kbytes 
10,000 4,000 Kbytes 
20,000 6,500 Kbytes 


Each additional 10,000 


3,000 Kbytes 


Note: Remember that the server should always be backed up with AppleShare IP 
running. This preserves the proper folder privileges. 
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IMPROVING FILE SERVER PERFORMANCE 


The factors that make a file server “fast” vary with each network environ- 
ment. The type of processor the server has, the amount of RAM available, 
and the network topology all play a part. Also important is the amount of 
processor and network bandwidth available, as well as the number of 
users who connect concurrently and the types of data they move when 
connected. 


In this section I will show you how to adjust some of these factors in 
order to optimize file services. First we will look at the basics: adjusting 
your server’s processing levels, caching, and the number of concurrent 
connections it supports. Beyond that, I will show you an advanced 
method for increasing your server’s performance: setting up Apple 
RAID. 


If server speed is paramount to your organization, you will also be inter- 
ested in RUN, Inc.’s RunShare software. This will be covered in Chapter 
12: 


Optimizing Processor Use 


You can modify AppleShare’s performance somewhat by adjusting the 
level of processing power it is allowed to demand from the processor. 
This adjustment is made with the Set Maximum level available in both 
the Web & File Server Admin’s Web & File Server Activity window and, 
as with earlier versions, the file server application’s Connected Users 
window. 
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Web & file Server Activity 


Status: Running Current User Activity: Sana opie aioe | 
Mame: AppleShare 5 Server Set Maximum: Min peer = T 


FTF 


FIGURE 4-111: Adjusting AppleShare’s processor usage level. 


By moving the lever to the right, you increase the processing time the 
computer gives Web & File Server, thereby increasing its performance. By 
moving the lever to the left, you reduce the time, thereby decreasing Web 
& File Server performance. 


If you are running other services in addition to Web & File Server on one 
computer, you should not generally “floor it.” By hogging the processor 
for Web & File Server, you reduce the processing power available for 
other applications and, in some cases, lower their performance. Experi- 
ment until you find the best compromise. 


Optimizing Cache Use 


The Web & File Server stores frequently used files, folders, and icons in a 
specially designated portion of RAM called the cache. 
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As I explained earlier, AppleShare IP will grab all available RAM except 1 
Mbyte for this cache by default. If you run more applications on the 
server computer besides AppleShare IP, you will need to reduce the size 
of the cache accordingly via Web & File Server Admin. 


erm ements tid Ne RR seme are 


The Web & File Server cache expands 
watil it eccupies all earoserved 
. memery. 


' “By reserving memory, you make sure there is 
| enough memory te run other applications. 


hey we ¢ al ” . EN ome 
aa eae telttea + Bi. AkeNae eo | 
OF * ay ey — aly ay . 
Reserved. memory for other epplitatia 
Ces a> or ane ee ae Sein: 


Toitat Avetlable Memory: 34472k | 
, Maxtinum Cache Size: 26260k 


FIGURE 4-112: Adjusting the RAM cache. 


Naturally, the more RAM you can allocate, the better your server will 
perform. 


You can make changes to the RAM cache on the fly to boot up occasional 
applications. Simply adjust its preferences as we did earlier and then 
choose the Reset Cache command from Web & File Server Admin’s 
Server menu bar item. Depending on the server computer, resizing can 
take a few minutes. 


Right-Sizing Client Connections 


The previous two settings make more computer resources available to 
AppleShare IP, but that is only half the equation. You can also optimize 
the number of concurrent connections permitted by your server so that 
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there is less overall demand on its resources. This too is done through 
Web & File Server Admin’s Settings dialog box. 


| Web & File Server Name: | AppleShere 5S Server 


{ 
Da Stert webs - Rcesiar Poneman pes 
Guest Connections: 


e Server and FTP Client Connections: Max 
Enable File Server Multihoming (AppleTalk) 


Enable File Server Clients to Connect over TCP 


/ | File Server Log On Greeting 


| |Welcom to Scion Networks jal: 
) t | 


= we EOE En a ae ES <a w ee we = == = = == 


FIGURE 4-113: Reducing the number of concurrent connections. 


By default, AppleShare IP allows the maximum number of concurrent 
connections that are permitted by your serial number. Do you really need 
that many? Lowering the number of users allowed to connect to the Web 
& File Server at the same time can improve its performance. You can limit 
the number of guest users who can log on at the same time separately. 
How generous do you want to be with your server’s resources? 


These limits affect the number of users who can connect through both the 
AppleShare client and FTP. They do not affect the number of concurrent 
Web browser connections, but, as you will see in the next chapter, that is 
a very different matter. 
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It’s RAID! 


Apple literature defines RAID as a Redundant Array of Independent Disks. 
That is a bit of a misnomer since what Apple RAID software really does is 
make multiple server drives interdependent. 


RAID levels are defined by international standards that refer to the per- 
formance characteristics they offer. The standards supported by Apple 
RAID are: 


e Level 0: faster data access, accomplished through striping, a tech- 
nique that spreads the data for a given file across multiple disks, thus 
multiplying the speed at which it can be stored and retrieved. 


AppleShare 
Server 


FIGURE 4-114: Apple RAID striping. 


¢ Level 1: data redundancy, accomplished through mirroring, a tech- 
nique that writes duplicate data to more than one disk, generally 
using two separate disk controllers. On a mirrored system, file ser- 
vices can be continued without interruption should the primary hard 
drive fail. In this event, the secondary drive takes over for the pri- 
mary automatically. 
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| 
[= AppleShare 
bn Server 


| 
a 
= 


FIGURE 4-115: Apple RAID mirroring. 


Apple RAID software, available as part of the Apple Workgroup Server 
bundle, is composed of two parts. The first is the main application, used 
to format and set up RAID drives; the second is the RAID monitor exten- 
sion, which makes sure the RAID disks are synchronized. 


da 


FIGURE 4-116: Apple RAID application and the Apple RAID 
monitor extension. 


Here is how it is used. 


Striping for Speed 


The hard disks on your server must be re-initialized to use Apple RAID. 
In addition to the standard HFS volume format, Apple RAID makes two 
more available: mirrored volume and striped volume. Striping is the for- 
mat that increases server performance. 
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Under RAID, a “volume” can comprise one or more disks—think of it as 
a virtual hard disk. One nice thing about this is that you are not limited 
by the physical constraints of your hardware. For example, your server 
may have four hard disks but, for convenience, you would rather give 
users just one volume to mount on the desktop. The four disks can be 
striped to present one volume. Going in the other direction, RAID vol- 
umes can be divided into partitions just like standard hard disks. If you 
wish your users to see the server as composed of multiple, separate vol- 
umes, then you need only create multiple partitions. 


A server's disk read/write times can be reduced by more than half with 
RAID Level 0. You will see the best performance if you use disks of the 
same make, model, and size that are configured identically and—if your 
server supports it—that run off separate SCSI buses with Fast / Wide-SCSI 
cards. 


Before I show you how to set up Apple RAID there are some rules you 
must know: 


¢ You will need between two and four hard disks of no less than 200 
Mbytes and no more than 2 Gbytes each in size. 


¢ There can be no more than 10 Apple RAID volumes per server. 
e There can be no more than eight partitions per volume. 


¢ Before you employ Apple RAID, you will first need to perform a 
complete milestone backup such as we did in Chapter 3. The data on 
all subject drives will be deleted during the following procedure! 


Mirroring for Safety 


Although the point of this chapter is performance tuning, I would be 
remiss if I did not also talk about protecting server data through mirror- 
ing. 


Mirroring has two main advantages. First, information on the mirrored 
volume is as old as the last disk write, not the last backup, which protects 
more data more often. Second, mirrored drives can take over for failed 
primary drives, making your server more fault tolerant. 
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Mirroring has two main disadvantages. First, duplicating the number of 
hard disks on your server can be expensive. Second, RAID Level 1 
increases read / write times somewhat (by about the same amount of time 
that RAID Level 0 increases it, in fact). 


Whether the advantages outweigh the disadvantages will depend on 
how crucial it is that all of your server’s data be preserved, and be avail- 
able, all the time. 


Setting up Apple RAID 


In the following section I will show you one way to set up a RAID system. 
No system can be set up without adequate planning. First, however, let’s 
look at getting the hardware up and running. 


Install the hard disks. Add new hard disks as necessary. When all 
the hardware is in place, boot the server to verify that the installation was 
done properly. At this point, you do not need to worry about formatting 
the new disks. 


When you know that the hardware is functioning properly, you may 
reboot the server from the CD-ROM that contains Apple RAID. (Hold 
down the C key when booting to make the CD-ROM the Startup Disk.) 


In this example, we will use two 1-Gbyte disks, both on a single SCSI bus. 


Initialize the hard disks. Both hard drives must be initialized to 
become RAID-compatible. This will erase all data on those disks, so do 
not perform this step without a backup. To initialize the drives, select 
them in the Disks pane of Apple RAID’s Setup window; then choose the 
Initialize command under the Disk menu bar item. 
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FIGURE 4-117: Initializing RAID drives. 


The process can take several minutes. When it is complete, you will see 
the newly initialized disks represented by Apple RAID icons. 


= 


DAU AUS 


all 


Ale 


a 


FIGURE 4-118: Icons of RAID-formatted disks. 
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Establish Startup Disk. At the moment, both of these disks are 
empty. To reboot the server you will need to create a volume that con- 
tains a System Folder—the Startup Disk. 


Choose the New command from the Volume menu bar item. This will 
open the Create New Volume dialog box, where you choose the Standard 
Mac HFS option in the Volume Type pop-up menu. 


FIGURE 4-119: Creating a Startup Disk. 


Next, name the volume in the Volume Name field (e.g., “StartUp”). Now 
you will need to establish a space that is large enough to store all of the 
data you plan to install on the Startup Disk (System Folder, AppleShare 
IP, etc.) in the Volume Size field. This could be the whole amount of avail- 
able free space on the primary disk or just a portion of it. Enter this num- 
ber in the Volume Size field (e.g., 400 Mbytes) and then press OK. 
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Standard Macintosh HFS W 


FIGURE 4-120: Setting aside a portion for the Startup Disk. 


When you have done this, the new volume will appear in the Volumes 
pane of the Setup window designated with the RAID icon. Note that the 
size of the Startup Disk (in Mbytes) has been subtracted from one of the 
drives in the Disks window. 


FIGURE 4-121: Viewing a RAID-formatted Startup Disk. 
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With the RAID established, you may install a System Folder on the Star- 
tup Disk. After that, install Apple RAID. From this point forward, you 
may run the server from the Startup Disk instead of the Apple RAID CD. 


Plan for RAID volumes. When you have restarted the server from 
its Startup Disk, you will be ready to set up the RAID configuration, 
which requires a bit of planning. The worksheet in Figure 4-117 can be 
helpful in organizing your volumes. Apple includes a paper version with 
its Apple Workgroup Servers, and I have created an electronic version for 
you on the CD-ROM that ships with this book. 


Apple RAID Worksheet SCS Bus t (enter disk capacity in MBytes) 
0 1 2 3 4 5 6 


Mirrored riped Standard 


Created by Tom Dell 


a 
a 


FIGURE 4-122: Apple RAID planning worksheet. 


Using this worksheet you can break down the amount of disk space each 
volume will get and decide whether the volumes are to be striped or mir- 
rored. For example, I am using two 1-Gbyte disks at SCSI addresses 0 and 
1. I type “1,000” (Mbytes) in the top row of the SCSI bus chart. Next, I 
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plan to dedicate 400 Mbytes as a standard volume to host my system soft- 
ware. I name it “StartUp” in the Volume Names field and type in the size 
(in Mbytes) under the appropriate format column. I use another 350 
Mbytes for a striped volume named “Need It Fast.” I assign the remain- 
der to a mirrored volume named “Very Important.” The totals are carried 
down to the bottom of the worksheet. 


Apple RAID Worksheet © SCSI Bus 1 {enter disk capacity in MBytes) 


Go 


SRRRRREEO 


Need It Fast 
¥ery Important 


ET et 


ACCC 


FIGURE 4-123: Entering data for RAID volumes. 


Use the remaining fields to partition the RAID volumes, if you want. If 
your server has two SCSI buses, put two forms together. 


Create striped volumes. To create a striped volume, select the 
New command from the Volume menu bar item and pick Striped - 
RAID 0 from the Volume Type pop-up menu. You will need between 
two and four RAID-initialized drives to host a striped volume. 
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Create New Volume 
Volume Type: | Striped-RADO ss Wf 
Shift-oliok to seleot the disks to use for this strip 


xy Bus: A, 1D: 0, Largest free area: '.OGB 


XJ Gus: 4. 1D: 1, Largest free area: 629 3 MB 


FIGURE 4-124: Creating a striped volume. 


A striped volume can be as small as 10 Mbytes and as large as 2 Gbytes. 
Name the volume in the Volume Name field, and enter the amount of 
space it will consume in the Volume Size field. You will also be asked to 
choose a stripe unit size. The default for this field is 32 blocks. Increasing 
or decreasing this might improve performance, but the default works best 
in most cases. Press the OK button when you have finished. 


To view partitions as well as volumes and disks, press the Expand icon in 
the upper right of the Setup window. 
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FIGURE 4-125: Expanding the Setup window to see volumes, 
partitions, and disks. 


Create mirrored volumes. Since a mirrored volume is a reflection 
of a primary disk, you will need to select a secondary disk that has 
enough free space to hold the copy. 


Again, choose the New command from the Volume menu bar item. In 
the Create New Volume window, select the faster of two drives as your 
primary disk (because that is the one from which the server will be read- 
ing). Next, hold the Shift key down to include a secondary disk. Choose 
Mirrored - RAID 1 in the Volume Type pop-up menu, give the volume a 
name, designate a size, and then press the OK button. 
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FIGURE 4-126: Creating a mirrored volume. 


Besides creating a mirrored volume from scratch, you can also mirror a 
standard volume. Select the standard volume in the Volumes pane of the 
Setup window; then choose the Create Mirrored Volume command from 
the Volume menu bar item. In the Select Mirror Disk dialog box that 
appears, select a secondary disk of sufficient size to hold the mirrored 


volume. 


FIGURE 4-127: Selecting a secondary drive. 
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Pressing the OK button takes you to the Mirror Create Parameters dialog 
box. If other processes are running on the server while you are doing this, 
you can decrease the I/O Rate and I/O Size settings here in order to pre- 
vent slowing users’ work to a crawl. 


It is a good idea to mirror the Startup Disk. Should the primary disk ever 
fail, your System Folder, with all of its vital preference settings, will still 
be available on the secondary disk. 


Rebuilding RAID Disks 


RAID will usually operate without your intervention. Sometimes, how- 
ever, you will notice a RAID notification icon flashing at you from the 
server. Launch Apple RAID to correct the problem. 


An Out of Sync error is common when the server is shut down improp- 
erly. You see the affected volumes flashing in the Setup window. To cor- 
rect them, choose the Rebuild command from the Volume menu bar 
item. 


If you rebuild RAID volumes while AppleShare is running, lower Apple- 
Share’s Set Maximum remote user processing level to 50 percent or less. 
Rebuilding is a CPU-intensive operation. 


Restoring RAID Disks 


If your server goes down and you need to restore all of its data from a 
Retrospect backup, your volumes will not be rebuilt in the same striped 
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and mirrored format in which you created them. The volumes and their 
data will be restored, but not the RAID configuration. For this reason, it is 
wise to take screen capture of the Apple RAID Setup window each time 
you change the configuration by pressing the Shift-Command-4 key 
combination. Print this out and keep it in a safe place. 


SUMMARY 


AppleShare IP file server uses AppleTalk, FTP, and AFP/TCP to share 
the folders and the files they contain (share points) with registered users 
who have privileges to read data, write data, or both, in one of three cate- 
gories: owner, user/ group, and everyone. 


Guest access and anonymous FTP permit unknown users access to the 
server and should therefore be used carefully. 


Web & File Server Admin defines share points and their associated access 
privileges, creates and manages user and group accounts, and enables/ 
disables server operations and various preferences. 


Santorini’s Server Tools may be used to enhance server administration by 
providing extensive accounting, performance management, and fault 
management functions. 


Dantz’ Retrospect may be used to back up the data of both server and 
remote workstation hard drives to a variety of media over AppleTalk or 
TCP/IP. It can be scripted to run automatically, and it should be sched- 
uled to run at least daily. 


There are several ways in which file server performance can be improved, 
including processor and cache optimization and the limitation of concur- 
rent user logons. In some cases, Apple RAID can be employed to provide 
hard disk mirroring and striping. 


AppleShare IP Web 
Server 


In addition to the file server capabilities AppleShare IP provides, 
the Web & File Server application gives you the ability to host a 
public Web site or a private Intranet. 


A Web server's simple function is to dole out to clients, or brows- 
ers, that request them ASCII text documents that are interspersed 
with HyperText Markup Language (HTML) tags. The Web browser 
interprets the HTML tags as code directing it to display the docu- 
ment’s text, and any images that are linked to the document, in a 
certain way. 


The real power of a Web server comes from its use of Common 
Gateway Interface (CGI) applications, which process information 
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and pass the results, in HTML, to Web browsers. AppleShare IP supports 
the use of such CGIs. 


As is the case with AppleShare, Web servers adhere to the traditional cli- 
ent/server paradigm, with some important variations. In this chapter I 
will explain how Web transactions take place over the HyperText Trans- 
fer Protocol (HTTP) and how CGI interactions work. I will show you how 
to enable AppleShare IP Web Services, create Web pages, and work with 
CGIs and Multipurpose Internet Mail Extensions (MIME). Finally, I will 
show you both basic and advanced procedures for administering Web 
services. 


HOW THE WEB WORKS 


The popularity of the World Wide Web, also referred to as WWW, W3, or 
just the Web, has taken most computing professionals by surprise. When 
my career in computers started, anyone who referred to a GUI on the 
Internet meant Gopher. This system, created at the University of Minne- 
sota and named after its mascot, uses a primitive hierarchical display of 
windows and folders. 
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| File Edit Gopher Recent Help 


Gopher Consultant service. 


gopher n. 1. Any of various short tailed, burrowing mammals of 

the family Geomyjidae, of North America. 2. (Amer. colloq.) 

Native or inhabitant of Minnesota: the Gopher State. 

3. (Amer. collog.) One who runs errands, does odd-jobs, fetches 

or delivers documents for office staff. 4. (computer tech.) 

Software following a simple protocol for tunneling through a TCP/IP 
internet. 


q/ fj 'f you have questions or comments, you can get in contact with the 
Gopher development team by sending e-mail to: 


gopher@boombox.micro.umn.edu 


©1991-95 University of Minnesota. | « OUnEnnn nnn 


FIGURE 5-1: The University of Minnesota’s Gopher. 


The vision of a worldwide library, as the Web has become, is not a new 
one, however. As early as 1945, Vannevar Bush wrote in the Atlantic 
Monthly that the next endeavor of scientists—having ended World War II 
by ushering in the nuclear age—should be to create an easily accessible 
repository of all human knowledge. The people who could really do 
something with the knowledge, he noted, were not always able to find it. 


The means for achieving such a goal were suggested in 1981 when Ted 
Nelson wrote Literary Machines, in which he described a system that per- 
mitted readers to create links via HyperText. He called the system 
Xanadu. 


The Web as we know it today was not created by such lofty visionaries 
but by men with a specific and practical need. Tim Berners-Lee wanted to 
speed up the time it took to locate information in the huge volume of 
databases, reports, notes, and technical papers maintained by the Euro- 
pean Particle Physics Institute (CERN) in Geneva, Switzerland. He had 
hacked together a HyperText tool in the early 1980s and thought this 
might be just the place to apply it. He proposed this in 1989. 
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Berners-Lee’s HyperText project turned into the Web in 1990 when he 
and a colleague, Robert Cailliau, co-authored a document that introduced 
the idea of a networked “web” of computer nodes through which one 
could browse by using HyperText links. In 1991, CERN’s World Wide 
Web went into action. A year later, CERN released a library of Web 
development tools, and the first Web browser was made available via 
FTP. 


The Web was still unknown to most people until 1993, when Marc 
Andreesen and Eric Bina of the National Center for Supercomputing 
Applications (NCSA) created Mosaic. I assume you are familiar with the 
rest of the story. Mosaic became hugely popular, and Andreesen co- 
founded Netscape Communications Corp., which became the early stan- 
dard-bearer for Web applications. Then software giant Microsoft entered 
the market. Today, the Internet is a mass medium. 


In addition to Mac OS versions of Mosaic, the Mac OS world got a Web 
server with the introduction of Chuck Shotten’s shareware application 
MacHTTP, later to be superseded by Quarterdeck /StarNine’s WebSTAR. 
Not until 1997, however, did Apple join Microsoft and Novell in adding 
Web services to its file server offering. 


The initial AppleShare IP release does its job using the HTTP 1.0 stan- 
dard. Here is how it works. 


HTTP in Action 


Like AFP and FTP, HTTP requires a reliable connection between the cli- 
ent and server over which it can transfer its HyperText files. Also like 
AFP and FTP, it uses TCP to make this connection. Beyond that, it oper- 
ates somewhat differently. 


Once a workstation is properly configured and attached to the Internet, it 
can communicate with any HTTP server in the world like so: 
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aie = 


f — 
internet 


Ons 


re 
a pr fg 
ee - 


Web Server 


May | have 
http:/Aweb_foider/ 
default.htmi? 


FIGURE 5-2: Client-server communication using HTTP. 


1. Dick directs his Web browser using a Universal Resource Locator 
(URL). A URL is composed of a protocol associated with a hostname 
in a command format: 


Domain Name 


http:/Awww.yoursite.com/ 
Ss eee ees 


Protocol Hostname 


The URL may or may not include a directory path and file name: 


http:/Awww.yoursite.com/web_folder /default.html 
Pa ge ee | 


Protocol Hostname Pathname 


Technically, a URL is a form of Universal Resource Identifier (URI)— 
a formatted text string that identifies a Web resource by name, loca- 
tion, or some other characteristic. 
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The browser opens a TCP connection and calls on DNS to identify the 
IP address of the machine associated with the hostname. (This type of 
transaction is the subject of Chapter 11.) 


The workstation and Web server establish a TCP connection. 


The first HTTP command (appropriately named GET) is sent from 
the browser to the server. This command is a request, which contains 
some identification for the request method, URI, protocol version, 
request modifiers, client information, and perhaps some body con- 
tent. In other words, the browser asks for a Web page. 


The server now sends a response consisting of a status line that 
includes the protocol version, a code designating success or failure, a 
message containing server information, body content, and perhaps 
more data. In other words, the browser hands back the requested 
Web page or an error message explaining why it could not do so, 
such as “error 404: Not Found.” 


Once it has received the response, the browser tears down the TCP 
connection and displays the body content to Dick. 


There is a difference between this and the other file exchange methods I 
have shown you so far. Traditionally, the TCP connection is maintained 
only for as long as it takes for the request /response transaction to com- 
plete. After that, the browser has nothing more to say to the Web server, 
and the Web server forgets all about the browser. When another URL is 
needed, the process begins again. 


This methodology makes Web services easy on a server’s processor, espe- 
cially where the HTML pages are small. Consider this, however: Every 
HyperText link to a referenced document requires a separate connection. 
If you have a home page that is linked to two images, that home page will 
require three separate connections to be properly displayed in a browser. 
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FIGURE 5-3: One page, but three hits. 


Remember that the next time some novice Webmaster tells you how 
many connections, or hits, are generated by his Web site. If you hear 
something like “200 people browse our home page every hour,” ask, 
“You mean you got 200 hits?” If the home page has 10 images on it, then 
20 people visit that home page per hour. 200 divided by 10 equals 20. 


Multiple connections create multiple delays, which did not make sense to 
a lot of people, including Apple engineers. First, the browser has to 
resolve the hostname with DNS each time. Second, the browser and 
server have to set up a new TCP connection. Then there is a slowdown 
while the TCP/IP protocol adjusts its transmission speed to the available 
bandwidth. Finally, the browser must tear down the TCP connection after 
the file is transferred. 


To avoid this, Apple engineers adopted the concept of “persistent con- 
nections” or “keep-alive, ” in which a browser and a Web server open a 
connection and keep it open, using the same TCP connection to support 
multiple requests and responses. Browsers capable of reading the new 
HTTP headers that make this possible can even “pipeline,” sending a new 
request without waiting for the response to a previous one. 
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FIGURE 5-4: A connection using “keep-alive.” 


As with AFP, the connection is not left open indefinitely. If there is no 
request from the browser in 60 seconds, it “times out” and is terminated. 


Although HTTP is thought of as the primary protocol of the Web, mod- 
ern browsers seamlessly support others as well, such as FTP, Gopher, and 
Telnet. 


How About AFP://2 


If Web browsers can access files using HTTP/TCP and FTP/TCP, then 
why not using AFP/TCP? They can, if they have been programmed to 
recognize AFP. As of this writing, most are not. 


| This program does not support the protocol for 
accessing ‘afp://38.247.58.100'. 
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There is a solution to this situation, however. Open Door Networks’ AFP 
Engage! works in concert with Internet applications such as Web brows- 
ers and email clients to process URLs that refer to AFP. 


To install AFP Engage!, launch both it and your Web browser and then 
select the Register command from the AFP Engage! File menu bar item. 


AFP Engage! has successfully registered with your 
active Web browser. AFP Engage! will now be 
invoked whenever your Web browser encounters 
an AFP URL. 


Retworks. 


FIGURE 5-5: Successful AFP Engage! installation. 


Now, when you type a URL in the form 
afp:/ /www.yoursite.com/Pub 


AFP Engage! will mount the remote server’s volume on your Mac OS 
computer’s desktop. 


Directory Listing 


Recall that with both AppleShare and FTP, a successful client logon gen- 
erally ends in the user viewing the contents of a folder or directory. The 
Web server, on the other hand, returns a home page. On most Web serv- 
ers, HyperText links are arranged in such a way that users move from 
page to page without paying attention to the directory structure that con- 
tains them. It does not have to be that way, however. By using Apple- 
Share IP’s automatic directory listing feature, users can specify a folder in 
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a URL, and so long as they have proper access privileges they will be 
shown a HyperText directory listing of that folder’s contents. 


GB 


Directory Listing of WOMBAT === fe 


» © 6 G& @@S @2@ A &« 


€ 
Back | Siep Refresh Home Search Mati News Favorites Larger Smaller 
Address: [http ://38.247.58.100/WOMBAT 


~ 


AL AA RA AA RI —— 


I ANY NAOT 


Directory Listing of: WOMBAT 


Modification Dat 


Thu, Jul 24, 1997 3:24 PM 

Thu, Jul 24, 1997 3:24 PM 

corpkool. gif Thu, Jul 24, 1997 3:24 PM 
Default. hunl Thu, Jul 24, 1997 3:24 PM 
product.GIF Thu, Jul 24, 1997 3:24 PM 
untitled Thu, Jul 24, 1997 3:24 PM 


FIGURE 5-6: Viewing a folder’s contents via a directory listing. 


This will work unless you put a file named “index.html” in the folder. In 


that event, the Web server responds with that file instead of the directory 
listing. 


ESTABLISHING WEB SERVICES 


If you followed the instructions in the previous chapter, you might 
already have AppleShare IP’s Web services up and running. If not, let me 
take you through an abbreviated version of the procedure. 


Chapter 5: AppleShare IP Web Server « 223 


Launch Web & File Server Admin 


To use the Web server for the first time, launch the Web & File Server 
Admin application by double-clicking on it directly or, if you have 
AppleShare IP Manager running, by pressing the first button in the win- 
dow. (You can also choose the Open Web & File Admin command under 
AppleShare IP Manager’s File menu bar item.) 


fippleShere IP Manager====== Bi. 
Status 


7 Web & File Admin: Not Running 
Esa Web & File Server: Not Running 
Web: Enabled 
File Server via AppleTalk: Always Enabled 
File Server vie TCP: Enabled 


FTP: Enabted 


m Mail Admin: Not Running 
ee | Mali Server: Not Running 


~ Print Admin: Not Running 
| a) Print Server: Not Running 


FIGURE 5-7: Launching Web & File Server Admin from 
AppleShare IP Manager. 


This will open a password dialog box in which you must enter the 
Administrator Name and Password. Then press the OK button. The Web 
& File Server Activity window will appear. 
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Web P Fie Server Act.(} SS 


Stetus: Not Running Current User Activity: "aes 
Name: AppleShare 5 Server Set Maximum: Mia Max 


Anonymous FTP Log On: Enabied 
Guest Access for Web & File Server: Enabied 


(day hr:min) (day hr:min) 
Connection Type Connected For idle For 


FIGURE 5-8: AppleShare IP Web & File Server Admin and its Web & File 
Server Activity window. 


This window tells you who is connected to your file server and how 
active they are. It does not tell you about browsers connecting over 
HTTP, however. 


Launch Web & File Server 


If the Web & File Server application is not already running, you can 
launch it manually by choosing the Start Web & File Server command 
under Web & File Admin’s Server menu bar item (or by pressing the 
Command (3)-[ key combination). 
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File ahve veiling.” 


Shered items: 


FIGURE 5-9: AppleShare IP Web & File Server and its Server Info and 
Connected Users windows. 


Web & File Server uses AppleShare’s traditional interface, with some 
additions. For example, the HTTP status line will tell you if Web services 
are on or off. 


Create Share Points 


You need to share the “Web Folder” that AppleShare IP created on the 
server's hard drive (or one that you create on your own). Doing so will 
give Web browsers access to the Web server’s HTML pages. 
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912.3 MB in disk 


System Folder Apple Extras 


FIGURE 5-10: Sharing the automatically created Web Folder. 


To do this, bring Web & File Admin forward in the Finder and select the 
Show Disks & Share Points command under the Server menu bar item 
(or use the Command (3)-L key combination). Here, click on the arrow 
next to the name of the server’s hard drive to see a cascading list of its 
contents; then choose Web Folder in the list. 


Show: ( Disks 
@ Share Points 


D [RG Bete Readers shered folder 

Db RY Client Drop shered folder 

b | Examples shared folder 

D FRR Net instar shered folder 

> RS Pub shared folder 
~ 


tent —StetiRolde shared folder 
4| Db RQ web Folder shared folder 


FIGURE 5-11: The Web Folder as a share point. 
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Choose the Privileges button here to open the Web Folder’s Privileges 
dialog box (or just double-click on it). 


Ee) == priviioges: Web Folde 


Select Privileges 
G Use enclosing item's privileges 
@ Set privileges for this item 
@ Make this a share point and set privileges 


Po Prt re te Neher Ate ie Rete ARRAS tra Meta heh Bt be ae Aah de eas oa ea A dose aRe Nee 


) Make el! enclosed folders like this on 
ee i ee 


Ci can't move, rename, or delete this folder 


FIGURE 5-12: Setting Web Folder privileges. 


In the Privileges window, choose the Make this a share point and set 
privileges button in the Select Privileges field. The Administrator's 
account name is listed in the Owner field by default. Change the access 
privileges for Everyone to Read Only (eyeglasses) in the field’s pop-up 
menu. Press the Save button and then close the Privileges window. 


If you want to allow guest access to your server via FTP but not HTTP, 
perhaps because the server is part of a private Intranet, leave Everyone 
Privileges as None. Next, create a group and add all of your registered 
users to it. Assign the group privileges in the user/ group category. If you 
are the only one making changes to the Web Folder’s contents, give the 
group Read Only access. If others in the group also make changes, give 
the group Read/Write privileges. 
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Note: If you have created your own folder, it might not be named “Web Folder.” 
: Whatever it is named, I will refer to the folder that is home to your HTML pages 


oe as the “designated Web Folder” from here on. 


Enable Web Services 


Next, choose Web in the pop-up menu of the Web & File Server Admin’s 
Web & File Server Settings window. 


Current Default Home Page Fite: 
MadDog:Web Folder:Home.HTML 


FIGURE 5-13: Enabling Web settings. 


This window is your primary point of interaction with the Web server. Its 
features follow. 


AppleShare IP’s HTTP server is activated with the Enable Web Service 
checkbox. 


Si 
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As with the file server, the number of people who can connect to your 
Web server at the same time is limited by your serial numbers. If your 
AppleShare IP serial number supports more than 50 concurrent users, 
you can achieve the maximum number of HTTP connections, 100. 


You may increase server performance by reducing the number of connec- 
tions in the Client Connections field. 


If you activate the Enable Web Log checkbox, information about each hit 
handled by your Web server will be stored in a log file. I recommend this, 
but you should know that enabling this feature might decrease the per- 
formance of your AppleShare IP servers by as much as 10 percent. 


Web activity is restricted to just one folder on the server, which can be 
designated using this button. AppleShare IP creates a “Web Folder” at 
startup, but you can use another if you prefer. 


The Mac OS makes a Web server secure. Its HFS makes it bulletproof in 
the face of attacks that regularly compromise other platforms. Even if you 
made a mistake and opened up this folder to guest access with read/ 
write privileges, the worst damage someone could do would be to ruin 
your Web pages. They would not get beyond that folder. 


All Web sites have one point of entry, called the home page. You can 
choose an HTML document to be your home page with this button. When 
users request a URL without a specific path to visit your site, this is the 
first page AppleShare IP will give them. 


A home page is traditionally named “index.html” or, in some cases, 
“default.html.” Under AppleShare IP, you may call it whatever you like. 


View Apple’s Test Page 


When AppleShare IP creates the Web Folder, it includes an HTML file 
and some linked images. If your Web server is running properly, you 
should be able to see this page by typing the appropriate URL into your 
favorite browser. 
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Welcome 


to 
“ ry Your AppleShare IP Web Site! 


This is the "default" home page that is displayed when users visit your Web sit. To make your AppleShare [P Web sit 
available to all users on your network (and the Inemet if you have an Inemet connection), do the following: 


e Make sure that guests can log on. To see if guests can log on, check the status of guest access in the Web & 
File Server Activity windov. If guest access is disabled, choose Show Users & Groups List from the Users menu, 
and double-click the Guest icon in the Users & Groups List window. Click the “Enable Guest Access t the Web 
& File Server” checkbox so that an X appears. Then click Save. 


e Give guests Read Only access to the Web Folder. To give guests Read Only access, choose Disks and 
Share Points from the Server menu. Double-click the icon for the Web Folder at the root level of your startup disk. 
Choose the Read Only icon from pop-up menu next w the Everyone category. Then click Save. 


You can use your Web site t make information available w users on your intemal network or on the Inwmet. To customize 
your Web site, edit the file named Default. hun! located in the Web Folder at the root level of your startup disk. 


One way © customize your Web site is © use HomePage, which comes with AppleShare IP. HomePage is a Web design 
tool that makes it easy to create and maintain your Web site. For more information on HomePage, see the Read Me file on 
the AppleShare IP Companion CD. 


FIGURE 5-14: Apple’s default HTML page. 


Create Your Home Page 


You know the Web server is working if you are able to see Apple’s 
default HTML page, but who wants to look at that? Your organization 
now has its own Web server, so it should have its own home page! At 
least put one up to let visitors know that they came to right place but that 
the site is “under construction.” Those of you who know HTML or who 
have a copy of Claris HomePage or some other HTML editor, can get to 
work. Those of you who do not can still put up a page without much 
effort. Let me show you how. 


You do not need any special software to create a home page. All you need 
is a text editor such as Apple’s SimpleText (which comes with the Mac 
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OS) and knowledge of a few codes that I will show you. If you have any 
art that can be included in the home page, such as a logo, convert it to a 
GIF (Thorsten Lemke’s shareware utility GraphicConverter is great for 
this) and put it in the designated Web Folder. It is best to keep these art 
files at 45 Kbytes or less so that they will load quickly even over slow 
modem connections. 


For the sake of this example, let’s say that your organization is a beverage 
distributor. You might want your first page to say something about what 
your company makes. 


Launch SimpleText and open a new document. The first step is to type in 
a code that will let a browser know that this is not just an ordinary text 
file but a Web page. Do this by typing the <HTML> tag like so: 


FIGURE 5-15: Tagging your text file as HTML. 


Next, give the document a meaningful title. For example, let’s call our fic- 
titious company Jones Beverages, Inc. The title of our home page could be 
“Jones Beverages Home Page, ” and we would type it up like this: 
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<TITLE>Jones Beverages Home Page</TITLE> 
</HEAD> 


FIGURE 5-16: Adding the title. 


Whatever is between the < and the > characters a Web browser will 
accept as computer code. The first tag turns a given attribute on; the sec- 
ond tag, preceded with a /, turns it off. 


If you look at Figure 5-16, you can see that I have told browsers that here 
is the <HEAD> of a home page with a specific <TITLE>. The title is what 
appears in the window bar of the browser, not in the actual window: 


E) === Jones Beverages Home Page == EB 


To put something inside the window we must open with a <BODY> tag. 
Here we can add another title in a size that ranges from <H1> (biggest 
heading) to <H6> (smallest heading). What these sizes actually work out 
to in points is relative to the preferences of the browser. We can surround 
the heading with a formatting tag, <CENTER>, to put it in the middle of 
the page. 
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<TITLE>Jones Beverages Home Page</TITLE> 
a 


</H r 
] <BODY> 
<CENTER><H1>Welcome to Jones Beverages!</H 1></CENTER> 


FIGURE 5-17: Adding a heading. 


Under that we can add a slogan with no particular formatting. Note that 
unlike a normal word processor, HTML does not drop to the next line 
automatically when you reach the end of a page. You never know how 
wide the page is going to be when displayed in a browser, so a line break 
must be inserted whenever you want text to start on a new line. These 
tags come in two types. The <BR> (Break) tag puts you on the next line. 
The <P> (Paragraph) tab adds one line of space and then drops you to the 
next line. 


<TITLE>Jones Beverages Home Page</TITLE> 

</HEAD> 

<BODY> 
NFERSTHTS Wettome-to Jones Beverages!</H 1></CENTER> 


| Does your brain hurt?<BR> 
Wash it good with<P> 


FIGURE 5-18: Adding text with line breaks. 


You do not need a line break tag after a heading tag, however. 
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Now let’s add a logo with an <IMG SRC> (image source) tag and the 


name of the image file, like so: 


. Se ene RCPS EFS RACER AURIS SFR ILTEK RST PPP A aN NTC TE I A Sen tT MATION ATT renee ot TTI 
ba Toys Cee ony 5 : 
of 4 


<HTML> 


<HEAD> 


<TITLE>Jones Beverages Home Page</TITLE> 

</HEAD> 

<BODY> 

<CENTER><H1>Welcome to Jones Beverages!</H1></CENTER> 
Does your brain hurt?<BR> 


C |] <IMG SRC="corpkool.GIF“> 


FIGURE 5-19: Adding an inline image. 


Now, add a line at the bottom of the page using the <HR> (horizontal 
rule) tag. It is traditional for the Webmaster to sign the page, date it, and 
leave an email address. This is usually done with a small heading (e.g. 
<H6>). 


<TITLE>Jones Beverages Home Page</TITLE> 

</HEAD> 

<BODY> 

<CENTER><Ht>welcome to Jones Beverages!</H1!></CENTER> 

Does your brain hurt?<BR> 

Wash it Lith F 
RC="corpkool.GIF”> 


<H6>Designed by JH<BR> 
Last Updete: July 4, 1997<BR> 
Webmaster: webmester@corpkool.com</H6> 


FIGURE 5-20: Signing the home page. 


To close the document, close the <HTML> and <BODY> tags that were 
opened at the top. 
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<HTML> 
<HEAD> 
<TITLE>Jones Beverages Home Page</TITLE> 
</HEAD> 
<BODY> 
| <CENTER><H1>wWelcome to Jones Beverages!</H 1></CENTER> 
Does your brain hurt?<BR> 
Wash it good with<P> 
<IMG SRC="corpkool.GIF”> 
} <HR> 
<H6>Designed by JH<BR> 
Last Update: July 4, 1997<BR> 
oe - webmaster@corpkoal.com</H6> 


</BODY> 
</HTML> 


FIGURE 5-21: Closing the home page. 


You now have a simple but perfectly useable home page. Save it under 
the name “Default.html” in the designated Web Folder and it will over- 
write Apple’s version. Then open it from a Web browser. 


Address :| file :// /Macintosh%20HD/WebS20F older /Default htm! 


Welcome to Jones Beverages! 


| Does your brain hore 
| Wesh it good with 


UNCLE DORIAN'S 


orporate 
ooler 


FIGURE 5-22: Example of a simple home page. 
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It is beyond the scope of this book to go into HTML further. If you have 
never done any HTML composition before and this interests you, take a 
look at some of the commercial editors available to make the task easier. 
My favorite is Claris Home Page. 


Gos) © Gas AE|cen] Sey 
ae EE) a (ele LTT 


Welcome to Jones Beverages 
We supply the lunch rooms of some of America's biggest (if shorest lived) companies. 


Does Your Brain Hurt? Then Wash 1t With ... 


UNCLE DORIAN’S 


orporate 
ooler 


= unfiltered delusions from the makers of Aunt! 
| Rose' 3 Colored Glasses and Subliminal Soda. it 


‘ust one sip and you'll begin t feel, not ae : 
you’ Te not in a dead end job working fora failing : 

(has- been company, but also that your co-workers i 
more than tolerate you, they like you! 


‘Don’ t Waste Time on the Job With 
Reality. Buy a Case of Uncle Dorian's 
Corporate Kooler Today! (Mass Orders 
jeremy 


@ Try our new Appk flavor! 


FIGURE 5-23: Using Claris Home Page to create Web pages. 


Note: The best source of information on Home Page is Claris Home Page 
Companion by Maria Langer (AP PROFESSIONAL, 1997). 


Chapter 5: AppleShare IP Web Server « 237 


Using MIME 


One of the nicest things about AppleShare IP’s Web & File Server is that it 
supports Multipurpose Internet Mail Extensions (MIME). These enable 
Web servers and browsers to process the files transferred to them using 
the correct application. For example, if a file is compressed in Aladdin's 
StuffIt format (as designated by a “.sit” or “.sea” suffix in the name), 
MIME can tell your browser to expand it for you automatically. 


The combination of suffix, file type, creator code, MIME type, and the 
actions they perform is called MIME type mapping. You can view these by 
choosing the Web & FTP MIME Types command from Web & File 
Server Admin’s Server menu bar item. 


text/html 
text/html 
text/htm? 
text/html 
text/html 


text/html 
text/plain 
text/ plein 
text/plain 
image/jpeg 


FIGURE 5-24: Viewing the Web server’s default MIME type mappings. 


MIME type mappings’ parts work like this. 


Action 


The Action field tells the Web server to perform one of several possible 
operations: 
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Text. Return the file that matches this mapping as a text file. 
Binary. Return the file that matches this mapping as a binary file. 
CGI. Execute the file that matches this mapping as a CGI script. 
Execute. Launch a specific CGI script. 


MacBinary. Encode the file that matches this mapping using MacBi- 
nary. 


BinHex. Encode the file that matches this mapping using BinHex. 


These last two are significant options. Ordinarily, the Web server returns 
only the data fork of a requested file to the browser. Without its compan- 
ion resource fork, the file loses such niceties as icon, formatting data, and 
application association. That is fine when the file is requested by non-Mac 
OS machines, which do not understand the resource fork anyway, but it 
is limiting for people who have Macintoshes. 


Thanks to these two MIMEs, when a requested URL ends with the exten- 
sion “.bin” or “.hqx,” the Web server automatically encodes the contents 
of the file’s data and resource forks in either the MacBinary or BinHex 
formats and then sends the result to the browser—even when the file 
stored on the server and referenced in the URL does not have the exten- 
sion. In other words, you do not have to encode the file before you put it 
up on the server. AppleShare IP can do the encoding on the fly. 


At the client end, a utility such as Aladdin’s StuffIt Expander will decode 
the format. (More about that in Chapter 8.) 


Suffix 


The Suffix field may or may not contain something. It will usually hold a 
three-letter designation that begins with a period (.), such as the “.bin” 
and “.hqx” mentioned above. 
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File Type 


The File Type field contains a four-place file type or an asterisk (*) to indi- 
cate that any file type is a match. 


Creator 


The Creator field has four places for the Mac OS creator code. An asterisk 
(*) can also be used to mean that any creator code is acceptable. 


MIME Mapping 


This field contains the MIME mapping’s name, which is in two subfields 
separated by a forward slash (/), such as “application /x-macbinary.” 


Where asterisks are used in the preceding fields, a literal match will take 
precedence over the wild card match. If a given file can be matched with 
two or more MIME type mappings, the one with the most specific field 
matches is used. A tie between two or more of these mappings goes to the 
one that matches the file’s suffix. 


The AppleShare IP Web & File Server comes with more than 75 MIME 
type mappings. These ensure that the server knows about most of the 
Web’s commonly used formats, such as Adobe Acrobat (.pdf), JPEG 
(jpg), GIF (.gif), QuickTime (.qt), MPEG (.mpg), Microsoft video (.avi), 
MIDI (.midi), WAV (.wav), RTF (.rtf), and so on. Apple engineers even 
threw in a couple of workplace standards not supported by most IS 
departments: ID’s Doom and Bungie’s Marathon. 


As new formats become available, you can add them to the list. For exam- 
ple, since AppleShare IP supports those well-known productivity 
enhancers Doom and Marathon, why not 3D Realms’ Duke Nukem as 
well? 


To add a MIME type mapping, you first need to know the file type and 
creator code for the application that creates the files the Web server will 
transfer. One way to find this is with Apple Computer’s power-user tool 
ResEdit. For example, I can open the Duke Nukem application in ResEdit, 
then select the Get Info command from ResEdit’s File menu bar item. 
The results are displayed in Figure 5-25. 
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Duke Nukem 3D 
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File: Ditockea 
Type: Creator: 


[_] File Locked [_] Resources Locked File In Use: Yes 
(J Printer Driver MultiFinder Compatible File Protected: No 


Modified: | Fri, May 23, 1997 Time: | 10:32:28 PM 


Size: 813625 bytes in resource fork 
793991 bytes in data fork 
spree Finder Flags; @®7x @Q 60x 
Has BNDL [No INITs Label: 
J] Shared Inited CL] invisible 
(_] Stationery [J Alias Lj Use Custom Icon 


FIGURE 5-25: Locating the type and creator codes. 


With the file type and creator code information in hand, I go to the Web & 
FTP MIME Types dialog box and press the New button. This opens the 
New MIME Type window. (I could save some effort by choosing the list- 
ing for a like program such as Marathon and pressing the Duplicate but- 
ton.) 


Executable File: 


File Type: | Creator: 


FIGURE 5-26: Adding a new MIME type mapping. 
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First, I need to choose Text, Binary, CGI, BinHex, MacBinary, or Execute 
in the Actions pop-up menu. Since Duke Nukem is an application, the 
choice is Binary. Next, I type in a suffix if I need to. I do not need to here, 
so the Web & File Server Admin program will automatically enter an 
asterisk (*) to indicate a wild card. Any file suffix matches such a MIME 


type mapping. 
The information for the next two fields is obtained using ResEdit. I leave 


the File Type field empty and let Web & File Server Admin enter a wild 
card, but I do enter a creator code. 


Finally, I enter the name for the new mapping. It appears in the Web & 
FTP MIME Types window and will be available after I restart the Web & 
File Server. 


application/pdf 
applicetion/x- MoviePlayer 
application/x-Sparkle 
epplication/x- Photoshop 
application/x-SoundApp 


application/x- Persuasion 
applicetion/x- Doom 
application/x- Marathon 
x-world/x-v¥rml 


FIGURE 5-27: New listing in the Web & FTP MIME Types window. 


Now anybody downloading a Duke Nukem network game file from my 
Web Server can launch right away. (Of course, why anyone would be so 
twisted as to play a sick game like Duke Nukem when they could be 
reading about Object Request Broker architectures or something, I'll 
never know.) 


AppleShare IP’s ability to know the file types it is transferring is a power- 
ful feature. Still more powerful is its ability to look at a URL and then 
launch a CGI. 
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Working with CGIs 


TB 


Bux 
i a 
Pi 


As Iam fond of telling students in my Webmastering classes, Web servers 
are relatively stupid. What gives them their impressive power is the abil- 
ity to call on other applications such as Java/JavaScript/ Active X/what- 
ever-is-next-enabled browsers and CGIs. For example, consider the 
interaction between a browser, a Web server, a CGI, and Claris’ File- 
Maker Pro database application. 


Web Folder 


, =7"||...| Jones Beverages : 
i 
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Database Server 


FIGURE 5-28: Interaction between browser, Web server, CGI, 
and database server. 


A user fills out an HTML form in a Web browser. When he presses the 
Submit button, keywords in the form and a URL containing a modifier 
are sent to the Web server. 


When the Web server receives the request, the modifier tells it to launch a 
specific CGI and pass the form’s keywords on to it. 


The CGI turns the request content into database queries and passes it on 
to the database application. It then waits for the results. 


The database processes the query and passes the result back to the CGI. 


At this point, the process switches into reverse. The CGI translates the 
data into a form the browser will understand (HTML) and passes it back 
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to the Web server. The Web server sends the query results back to the 
browser. The user sees the results in the browser window. 


You might imagine that this takes a long time, but it usually takes just 
seconds. In fact, if the CGI does not respond to the Web server in 60 sec- 
onds, it will “time out” and give up on it. 


Note: You will see the acronyms CGI and ACGI both used in reference to these 
Web server helper applications. CGI has become the generic term, but in fact most 
of these applications are Asynchronous Common Gateway Interfaces, or ACGIs. 
ACGIs can handle multiple incoming and outgoing requests simultaneously, 
while CGIs are limited to one after another. 


From the simplest Web site to the most complex, the work that the Web 
server does is nearly constant. The interaction is all in the CGIs and the 
applications they communicate with. 


You have almost certainly encountered a Web page that uses an image 
map—an image that contains HyperText-linked “hot spots.” That is one 
example of CGI functionality. You click on a hot spot and the browser 
sends a request containing the exact location you clicked on (in screen 
pixels) to the Web server. The Web server has no idea what to make of 
that, but it does know to call on an image map CGI, which has a table in 
which screen coordinates are mapped to URLs. It makes a match and 
passes the correct URL back to Web server, which then knows what to 
pass back to the browser. 


Note: The current design trend is to move such basic functions to the browser. 
Modern browsers that support client-side image maps make this type of CGI 
obsolete by downloading a pixel map embedded in the HTML page and making the 
matches itself. To support older browsers, however, an image map CGI is still 
required. 


CGls are available that perform a great many functions. For the Mac OS 
they range from inexpensive shareware hacks written in AppleScript to 
relatively pricey but faster commercial applications written in C or C++. 
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The programming interface AppleShare IP uses for CGIs is compatible 
with other Mac OS Web servers, such as WebSTAR, so you have lots of 
options from which to choose. 


Like Web server data files, CGIs must be stored in AppleShare IP’s desig- 
nated Web Folder. I find it easiest to create a folder named “CGI” within 
the Web folder and keep all my AppleScripts and applications in there. 


Installing a CGI 


By way of example, here is one of my favorite CGIs: Gregory Comb’s 
shareware Count WWWebula. This fun little application gives your site a 
hit counter that moves up an increment each time someone visits your 
home page. The counter is displayed in visitors’ browsers and can be 
modified to use a number of numerical styles. 


To install Count WWWebula, copy its “Counter” folder into the folder 
that contains your other CGls (see Figure 5-28). For this to work, both the 
“Counter.acgi” application and the “Counter Data Files” folder must be 
present. 


te | Counter Data Files 
ay §=6Counter .acgi 


Documentation 
Function/Feature Changes 
License/Limited Warranty 


SIVC Query Engine 


Q 
i 
| 
& Register 
a 
Q 


To Update 1.2.3 or Earlier 
ey | Version Changes 
Default.htm 


FIGURE 5-29: The Counter folder and Counter.ACGI in the CGI folder of the 
Web Folder. 
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To configure Count WWWebula, launch Counter.acgi and select Prefer- 
ences under the Options menu bar item. This will open a window show- 
ing three tabs. Press the Referral URLs tab. 


Type ine full or partie! actin neme, 
IP address, or URL: 


FIGURE 5-30: Configuring referral URLs in Preferences. 


Here, press the New button to open the Edit List Item dialog box. The 
first time you open this box, type in your Web server’s hostname (e.g., 
“www.scionnet.com”); then press the OK button. Press the New button 
again, but this time type your Web server's IP address in the dialog box 
(e.g., “38.247.58.100”). 


FIGURE 5-31: Properly configured preferences. 
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This ensures that only your Web server is permitted to use the CGI. If you 
did not limit this, people could conceivably link to the CGI and use your 
Web server's processor power to run the counter on their remote Web 
sites! The author of this software calls it “Counter Piracy.” 


As it stands, any browser, including yours, visiting the Web pages refer- 
enced will trip the counter. Thus, if you want accurate statistics on how 
many outsiders are visiting your site, make sure that your computer, or 
your whole domain, is entered under the Ignore URLs tab. This ensures 
that people within your organization will not trip the counter. 


Of course, if you want to make it look like your site is very popular, do 
not do this. In fact, run around to everyone’s desks and make your home 
page the default startup in their browsers’ preferences so they trip the 
counter whenever they surf! 


The CGI is now ready to run, but you will need to enter some HTML to 
place the counter and generate the request from the Web server to trip it. 
The software’s author gives you several options for formatting this. 


ec IEEE 
» EE GS) EE 


<P><CENTER><A HREF="http://www. santorinicd. com"><IHG 
SRC="san.GIF" WIDTH=219 HEIGHT=143 ALIGN=bottom></A> 
</CENTER> 
<H3><CENTER>Consulting Gaemp: Design</CENTER></H3> 
<P><CENTER><I>Developers of</I></CENTER> 


<H3><CENTER><B>Server Manager 4.0 (TH)</B></CENTER></H3> [al 
</TD></TR> 


Looks like <IMG SRC="/cgi/counter/counter.acgi$main/default” 
ALIGN=bottom> people have accessed this page since I started using 
Count ¥¥WWebula. 


FIGURE 5-32: Triggering the counter from a URL. 


Once in place this tag will cause the CGI to activate, adding 1 to the previ- 
ous statistics and returning a GIF image of the latest numerical count to 
the browser. 
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FIGURE 5-33: Result of loading a counter-enabled page. 


As you can imagine, CGIs make your Web site a lot more interesting. 
Even so, they are not without their problems. Here are a few things to 
watch out for. 


CGI Considerations 


CGls can cause problems in three main areas: security, stability, and per- 
formance. 


Security. The overall security of your AppleShare IP server is easy to 
set up and maintain, but consider this: Each time you add a CGI, you add 
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a potential security risk. It is possible in some cases to “hijack” the work- 
ings of a CGI on a remote Web server simply by referencing it in a URL. If 
someone rips off a few processor cycles by tapping into your counter 
CGI, it is an annoyance rather than a threat; but someone rummaging 
through your corporate database is quite another matter. To avoid this 
make sure that, like Count WWWebula and most commercial products, 
the CGIs you use have security controls such as IP address filtering and 
user authentication. 


On the AppleShare IP side, it is also vital that you permit just read-only 
access to the everyone category of a folder that contains CGls. If you do 
not, you run the risk that someone will upload a malicious CGI that your 
Web server will dutifully launch. 


Do not be afraid of CGIs. Just be aware of how they function. 


Stability. A lot of development effort went into making the Apple- 
Share IP Web server as crash-proof as possible. When you start introduc- 
ing CGIs of varying quality and capabilities, however, you can expect 
that some things are not going to work well together. Be sure to thor- 
oughly and separately test each CGI that you plan to deploy before you 
commit vital functions to it. Some will give you trouble-free service; oth- 
ers will never do the job consistently and will have to be replaced. 


Performance. When you launch additional applications on a server, 
the burden of those services is bound to affect performance. CGIs are no 
exception, so watch out that they are not choking AppleShare IP and vice 
versa. You will probably be surprised at how many CGIs you can run 
before seeing significant performance degradation. Sooner or later, how- 
ever, your server will slow down. When that happens, consider deploy- 
ing a second Web server to handle the load of the busier CGIs. 


Also, CGIs written in scripting languages such as AppleScript or User- 
Land's Frontier tend to be slower than those written in compiled lan- 
guages such as C. 
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BASIC WEB SERVER ADMINISTRATION 


Basic Web servers, including AppleShare IP, are relatively low mainte- 
nance. About all you need to do is monitor the logs to ensure that the ser- 
vice’s performance settings are optimal and that no errors are occurring. 


Working with Web & File Log 


Significant events, such as when Web service is started and stopped or 
when errors occur, are recorded in the AppleShare IP Web & File Log file. 
This file is stored in the AppleShare IP Preferences folder, which is inside 
the Preferences folder of the System Folder. 


Fi rs AppleShare IP Web & File Log —— ee 


AppleShare IP Web & File Server was started at 3:42:27 PM on3/25/97 . 
The volume “MadDog” was prepared at startup. 

One valid server yolume was found. 

AppleShare/TCP service was started at 3:42:49 PM on3/25/97 . 

Web service was started at 3:42:57 PM on3/25/97 . 


FTP servic’ wos started at 3: a 59 ails on 3/25/97 . 


FIGURE 5-34: Events in the Web & File Log. 


Working with HTTP Log 


A more descriptive log is stored in the HTTP Logs folder, also found 
inside the AppleShare IP Preferences folder. The HTTP Log is generated 
when you enable Web logging in Web & File Server Admin’s Web & File 
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Server Settings preferences dialog box (as shown in Figure 5-10). You will 
find it most interesting because it acts as a sort of guest book, recording 
the source address and actions of each browser that visits your Web site. 


As is standard among HTTP servers, AppleShare IP logs its information 
in this format: 
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FIGURE 5-35: Fields in the HTTP Log (viewed in ClarisWorks). 


This field contains the date and time during which the action occurred. 


This field records the result of the action. If the value is “OK,” it means 
that the browser’s request was honored successfully. If the value is 
“PRIV,” it means that the browser requested a URL for a place to which 
the user does not have the appropriate access privileges. If the value is 
“ERR!,” something went wrong. Perhaps the requested URL was not 
available. More likely, the user quit the connection before the response 
was completed. 


This field contains the IP address of the browser’s computer. 
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This field contains the actual URL requested. 


BY This field contains the number of bytes sent to the browser in response. 


When the HTTP Log grows beyond 32 Mbytes, the Web Server saves it 
under the date (e.g., HTTP Log 5/26/97) and creates a new one. Eventu- 
ally logs will eat up all of your server’s hard disk space, so archive them 


as needed. 


Analyzing the HTTP Log with ServerStat 


A great utility for analyzing the contents of a Mac OS Web server log is J. 
Eric Bush’s ServerStat from Kitchen Sink Software. It comes in both 
shareware and commercial versions. 
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Helcome to ServerStat the statistics package for the Macintosh and PowerPC 
based Internet servers. ServerStat is cob rithed in two foras by KI tchen 
Sink Software, Inc. ServerStat Lite ($20) is a shoreware version of 
ServerSta 


Kitchen Sink Software, Inc. can be reached at the following address and 
contact information: 


Kitchen Sink Software, Inc. 


FIGURE 5-36: ServerStat’s main window. 


This utility is easy to use. Simply point it at the HTTP Log using the Log 
File button, then press the Start button. In a few seconds ServerStat spits 
out a fully formatted log summary in HTML, ready to be opened in any 
browser. 
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Server Statistics 


writen by: J. Eric Bush, published by Kishen Sink Software, Inc. 
Last updated: Jol 26, 1997 -- 1052 AM 


| Summary for Period: Mar 26 1997 to Jul 25 1997 


Files Tromsaitted During Summary Period 8199 
Bytes Transmitted During Summary Period 59436943 
Unique Sites During Reporting Period 1272. 
| Average Files Tronsmitted Daily 67 
Average Bytes Transmitted Daily 487188 


FIGURE 5-37: Viewing the ServerStat output file. 


You may now view file transfer statistics for several criteria. Besides 
showing you where the majority of your Web traffic is coming from, it 
can tell you which of your pages are most popular. These statistics are 
also useful in security and performance management. 


The HTTP Log will tell you what has been going on with your Web 
server. To see what is happening in real time, however, you need more 
advanced analysis tools. 
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ADVANCED WEB SERVER 
ADMINISTRATION 


AppleShare IP’s core features give you everything you need to monitor 
your Web server's performance, but only passively. For example, you 
cannot see who is logged into your Web server in real time, but can only 
open the log and see who was using it. The same goes for monitoring 
errors. If you do not make a habit of reviewing the HTTP Log, whole sec- 
tions of your Web site could be missing and you would never know that 
browsers were not getting the pages requested. A nice add-on to your 
AppleShare IP Web server, then, is a real time monitoring tool like Open 
Door Networks’ LogDoor. 


Another advanced concept you may wish to entertain is the idea of host- 
ing multiple Web sites using a single AppleShare IP Web server. This is 
possible using another Open Door Networks product, HomeDoor. 


Multisite Hosting with HomeDoor 


You have the Web server up and running smoothly at the URL of http: / / 
www. yoursite.com. It is working so well that another organization offers 
to pay you big bucks to host “www.theirsite.com.” As you will see in 
Chapter 11, assigning a second domain name to your Web server requires 
nothing more than a simple change to your network’s DNS, mapping 
both of these hostnames to the same numerical IP address. 


There is a problem, however—the server has only one default home page. 
Browsers attempting to access URLs using either domain name will 
return the same page—whichever one has been designated in Apple- 
Share IP’s Web server preferences. 


goad Current Default Home Page File: 
[ERAGE MedDoyWeb Folder:Defauit.htm) 
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Open Door Networks’ HomeDoor solves this problem. It gives your Web 
server the ability to return as many as 256 unique home pages and there- 
fore to host 256 distinct sites. It does this by intercepting and accepting 
requests from browsers and then redirecting those requests to particular 
directories or files on a single Web server. 


HomeDoor’s methods permit the creation of “virtual domains” and “vir- 
tual Web servers.” The latter are simply folders residing on a Web server 
that, from the perspective of Internet browsers, appear to be complete 
Web servers unto themselves. Virtual Web servers can respond with both 
default home pages, called up by a URL such as http:/ /www.theirsite. 
com, or directories and files referenced in more specific URLs, such as 
http: / / www.theirsite.com / pages /index.html. 


To do all this, HomeDoor uses a feature of HTTP 1.0 known as redirection. 
Here is how it works: 
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FIGURE 5-38: Using HomeDoor for browser independent redirection. 


name referenced in a URL (using the GET command). The nameserver 
resolves the hostname and returns the IP address. 


¥ A browser issues a request for the home page associated with the host- 


es 
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If the IP address referenced in the URL is controlled by HomeDoor, the 
application accepts the browser’s request and returns an HTTP REDI- 
RECT command in response. In the REDIRECT, HomeDoor replaces the 
IP address with the hostname and path you want returned instead. For 
example, the URL http:/ /www.theirsite.com/ might be returned as http: 
/ /www.yoursite.com/ their /index.html, where the site of www.theirsite. 
com is nothing more than a folder—or virtual domain—on your server 
computer. 


When the browser receives the REDIRECT command, it turns it around 
to resolve the new hostname it has been given with the nameserver. 


The hostname resolves to your server’s IP address, which the browser 
uses to request the URL HomeDoor gave it (e.g., http:/ /38.247.58.200/ 
their /index.html). From then on, the Web server communicates with the 
browser directly to return any other relative links. 


Most Web browsers display the location of the current page they are 
requesting, usually at the bottom of the browser window. Many will dis- 
play here the URL to which the browser has been redirected, not just the 
original URL. If you do not want the real Web server's hostname adver- 
tised, you can set up a DNS alias to that server and use HomeDoor to 
redirect to the alias. For example, instead of redirecting http://www. 
theirsite.com to http:/ /www.yoursite.com/their/, as illustrated in Fig- 
ure 5-35, you can redirect it to http: / /  www2.theirsite.com /their/, where 
www2.theirsite.com is a DNS alias to www.yoursite.com. 


Another clever feature HomeDoor uses is an Internet Control Message 
Protocol (ICMP) echo responder for each address it supports, which 
makes it possible for a client to “ping” any of the configured addresses 
and get a valid response. 


Installing HomeDoor 


The HomeDoor package includes an extension and a HyperCard-based 
administration application. It can run on any Macintosh connected to an 
Ethernet IP network, and not only on the Web server or network that its 
URLs point to. Before you install it, you will need to work with your ISP 
or MacDNS to create domain name-to-IP address mappings, and you will 
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need a unique IP address for each virtual domain that HomeDoor is 
going to serve. 


Imagine that you are going to serve three virtual domains with your Web 
server: www.yoursite.com, www.theirsite.com, and www.thatsite.com. 
Let’s assume that www.yoursite.com resolves to the IP address 
38.247.58.200. First, you assign two unique and contiguous IP addresses 
from the network’s IP address range, say 38.247.58.210 and 38.247.58.211. 
Your nameserver maps the hostnames www.theirsite.ccom and 
www.thatsite.com to these IP addresses. (Note that I left several IP 
addresses open between the real Web server and the virtual Web servers, 
because I might need those open addresses for additional real Web serv- 
ers if I form a RAIC.) 


Next, you create folders for each virtual domain inside AppleShare IP’s 
designated Web folder. Copy each site’s Web pages into these folders. 


= Wer » teat g 


Li. fork 


6 teams, 162.1 MBavailable 


Defauit.html ASIP.jpg 


FIGURE 5-39: Creating folders for virtual domains. 


To actually install HomeDoor, simply copy the HomeDoor extension into 
the System Folder’s Extensions folder and restart. Next, launch the 
HomeDoor Admin application. 
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HomeDoor Admin v2.0 


Pethneme te insert 


FIGURE 5-40: HomeDoor Admin’s opening windows. 


When HomeDoor Admin is launched, it displays windows for two meth- 
ods of multihosting: host field mapping and browser-independent redi- 
rection. We are only concerned with the latter here, so close the Host 
Field Mapping window. 


Note: Browser-independent redirection has been implemented in the product since 
version 1.0. This method assigns one IP address to each virtual domain that is to 
be hosted by the Web server. Since the original HTTP 1.0 protocol expects the Web 
service for each domain to have its own unique IP address, browser-independent 
redirection works with all Web browsers. 


In version 2.0, HomeDoor began providing the second option of host field 
mapping. This isan HTTP 1.1 technique that permits multidomain Web services 
to be provided using only a single IP address. This method works with most —but 
not all—browsers. It also requires an HTTP 1.1-compatible Web server. 


In the Browser-Independent Redirection window you will see a couple of 
examples that Open Door Networks has entered for you. Press the New 
IPs button, and these will be overwritten. 
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Browser- independent Redirection 


HomeDoor Admin v2.0 


URL to Redirect to 


http://www. yourwebserver.com/companyx/ 
hitp://www.yourwebserver .com/companyy¥ / 


FIGURE 5-41: Examples in the Browser-Independent Redirection window. 


In the IP Address Range dialog box that opens, enter the first and last IP 
address in the range HomeDoor will serve. This range should not include 
the Web server's native address (i.e., 38.247.58.200), because the default 
home page for www.yoursite.com should be returned to browsers 
directly by AppleShare IP without the interference of HomeDoor. Press 
the OK button when you have finished. 


IP Address Range 
First: 38.247.58.210 
Last: 38.247.58.21 Ij 


The IP address range will now appear in the Browser-Independent Redi- 
rection window. Highlight the first IP address in the list and press the 
Edit button. 
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HomeDoor Admin v2.0 


URL te Redirect te 


FIGURE 5-42: Editing the IP address listings. 


In the URL to Redirect to dialog box that opens next, enter a URL that 
contains the virtual Web server’s hostname and the valid pathname. In 
this case, the URL associated with an IP address must point to the direc- 
tory that will serve as the virtual domain’s “root,” and not to a specific 
file. That means that the URL http:/ / www.theirsite.com/theirs is okay 
but that http: / / www.theirsite.com / theirs / index.html is not. 


iPaddress; 30.247.58.210 
URL to Redirect to: 


http://www theirsite.com/their 
a | 


Edit the listings for each IP address in the range, pressing the OK button 
each time when you are finished. (By the way, you can use URLs for other 
services, such as FTP, as well.) 
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HomeDoor Admin v2.0 


IP Address URL to Redirect to 


38.247,58.210 http://www .theirsite.com/their 
38.247.58.211 hitp:/ Awww .thatsite.com/that 


FIGURE 5-43: Editing in the Browser-Independent Redirection window. 


Then press the Save button in the Browser-Independent Redirection win- 
dow. 


You can choose the Redirection Prefs command under the File menu bar 
item to enable or disable redirection and logging. 


Browser-independent Redirection 
Preferences for HomeDoor extension 


Redirection is: 
@ Active | 
@ Inactive 


(sansa 


FIGURE 5-44: Enabling logging in Redirection Preferences. 


Otherwise, you have successfully installed HomeDoor, and you may now 
test it. You will need to do this from a browser running on another com- 
puter because you cannot access home pages implemented with browser- 
independent redirection from the same computer on which the Home- 
Door extension is installed. 
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Redirect Limitations 


Here, according to Open Door Networks, are some of browser-indepen- 
dent redirection’s limitations: 


e It only works over the default HTTP port: 80. 
e It only works on Ethernet-based IP networks. 


e The HomeDoor extension will only load if MacTCP or Open Trans- 
port version 1.1 or later is running on the computer. In addition, only 
built-in Ethernet is supported under Open Transport. 


e The HomeDoor extension will not run on a computer that is also run- 
ning the Apple IP Gateway. 


e If HomeDoor and other TCP/IP services are sharing the same Ether- 
net port, the HomeDoor extension must load before any other exten- 
sion that opens MacTCP. 


Multisite Monitoring with LogDoor 


LogDoor, another Open Door Networks product, provides a real-time 
domain-by-domain display of hits to your Web server. If you are hosting 
a single domain, LogDoor provides greater insight into your server’s 
daily operations. If you are hosting multiple domains, it produces sepa- 
rate log files and summaries for each of them. 


LogDoor is not designed simply to analyze your server’s HTTP Log (or 
HomeDoor’s log). Rather, it is a Web server monitor that provides imme- 
diate information on how your server is being used. If you prefer, Log- 
Door’s processing can also be done off-line after the log file has been 
closed and traffic is minimal, but this is a waste of its abilities. 


To use LogDoor, select the New Task command from the File menu bar 
item. This opens the Task and Activity windows, which have the follow- 
ing components: 
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a OOF 


Cess 
Status: Waiting CPU Utilization: 1% 
First date: 03/26/97 Last date: 04/12/97 
Input Leg File 
‘a MadDog ‘System Folder Preferenc.. Preferences HTTP Logs HTTP 
Processed: 1258 lines, 15% of 490K bytes 


ee 04/12/97 13:03:07 OK 132.239.835.172 :sales html 3418 


Folder: Maddog: Applications :LogDoor PPC 1.1 eval Folder Output: 
Files: site.log, site html, site.txt 


Bytes Errors 
1243 S701K 


Processed 64 | 
31: Processed 53 | 
09:51:20 --HTTP Log Processed 56 | 
09:51:21 --HTTP Log Processed 39 | 
09:51:22 --HTTP Log Processed 62 | 
09:51:23 --HTTP Log Processed 56 | 
Processed 62 | 

I 


:27 --HTTP Log 
09:51:27 --HTTP Log Processed 53 | 
09:51:28 --HTTP Log Processed 63 | 
:29 --HTTP Log Processed 66 | 
:30 --HTTP Log Processed 63 | 4] 


FIGURE 5-45: LogDoor’s Task window. 


The Activity window shows you what operation LogDoor is currently 
conducting. 


The processing area contains a button that reads either Stop or Go 
depending on LogDoor’s operational status. It also contains fields to tell 
you if LogDoor is “processing” or “waiting,” the first and last dates 
recorded in the HTTP Log, and the percentage of processor time that is 
being used. 


The HTTP log you wish to work with is selected in the Input Log File 
field. There is also a listing for the last message in the current log, which 
will be the most recent transaction if you are monitoring the log in real 
time. 


The Output Files field shows you where LogDoor is storing its reports. 
This will usually be in the same folder that contains LogDoor. 
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Here statistics for each folder in the designated Web Folder are displayed, 
arranged as “sites.” LogDoor sees a site as a folder at the Web server's 
“root” level. Thus, the designated Web Folder is one site, and an 
“Images” folder within it can be considered another. Going back to the 
HomeDoor example, LogDoor displays access information and produces 
log files and summaries for www.yoursite.com (Web Folder) as well as 
www.theirsite.com (their folder) and www.thatsite.com (that folder). 


Processing 


Status: Waiting CPU LHilization: 1% 
First date: 05/27/96 Last date: 07/26/97 
Input Leg File 


D MadDog ‘System Folder :Preferenc.. Preferences HTTP Logs HTTP 
Processed: 6312 lines, 100% of 499K bytes 


Last Line 
[ervasea? 13:17:22 OK 38.247.38.2 :theirs:Alogo.gif 379 


Output Files 
QO Folder: MadDog : Applications ‘LogDoor PPC 1.1 eval Fokler Output: 
Files: site.log, site html, site.txt 


Site Name 


Total for 8 sites 


Bytes Errors 
38149K 


FIGURE 5-46: Folders seen as sites by LogDoor. 


LogDoor can create three files for each site. A Site Log file includes every 
line from the input log file that references a URL for that folder. A Site 
processing summary is created in HTML periodically, or on demand, to 
summarize the processing that LogDoor has performed for a site. A sec- 
ond Site processing summary is written in tab-delimited text format 
instead of HTML. 


LogDoor will also generate summaries for Web server activity overall. 
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FIGURE 5-47: Creating HTML summaries of overall Web server activity. 


SUMMARY 


The AppleShare IP Web server uses HTTP to dole out HTML pages to 
browsers on an Intranet or on the Web. Unlike other HTTP 1.0 Web serv- 
ers, however, AppleShare IP uses a method of “keep-alive” that main- 
tains client connections instead of dropping them immediately after a hit. 


It is possible to create an AFP/TCP connection with a Web browser that 
has been modified with AFP Engage! It is also possible to navigate the 
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Web server’s folders with a browser using AppleShare IP’s automatic 
directory listing feature. 


A Web server's main network entrance is its home page. Home pages are 
easy to create using a text editor or HTML editor. 


The real power of a Web server is its ability to use CGIs. AppleShare IP’s 
Web server employs the same CGIs used by other Mac OS servers, such 
as WebSTAR, and supports MIME. Because CGIs might pose a security 
risk, they should be configured carefully. 


Basic Web administration involves monitoring the Web server’s HTTP 
and event logs to look for errors. Tools such as ServerStat and LogDoor 
help to sort and better present the information in these logs. 


It is possible to host multiple Web sites on a single Mac OS server. This 
requires changes in the network’s DNS tables and works best if addi- 
tional tools such as HomeDoor and LogDoor are employed. HomeDoor 
redirects browser requests to virtual domains that appear to be separate 
Web servers. LogDoor provides usage statistics for each virtual domain. 


AppleShare IP Mail 
Server 


Email has had an interesting history on the Mac OS. It was once a 
market dominated by robust, proprietary systems such as CE Soft- 
ware’s QuickMail and Microsoft’s MS Mail (now Quarterdeck 
Mail). These were closed, LAN-based systems with their own cli- 
ent-server architectures that could not talk to each other without 
using gateways. The most popular gateways were those of Star- 
Nine (now a division of Quarterdeck), such as Mail*Link UUCP 
and Mail*Link SMTP. Mail*Link UUCP provided LAN-to-Internet 
connectivity, generally over dial-up lines, via the UNIX-to-UNIX 
Copy Protocol (UUCP). Mail*Link SMTP provided LAN-to-Inter- 
net connectivity, generally over full-time Internet feeds, via the 
Simple Mail Transfer Protocol (SMTP). In both cases they had the 
same purpose. They opened these closed systems to the rest of the 
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world without compromising the features that their users had come to 
enjoy in the proprietary products. 


Beginning with System 7 Pro, Apple provided a new way for networked 
Macintoshes to communicate with each other through a built-in Apple 
Open Collaboration Environment (AOCE) and PowerTalk. Like the other 
Mac OS-based systems, it could be used in a client-server model when 
communicating with Apple’s PowerShare servers. Unlike the other sys- 
tems, however, it could also be used peer-to-peer. In both implementa- 
tions it could be extended to communicate with commercial on-line 
services, the Internet, fax machines, and pagers using inexpensive gate- 
way software. It was a neat model, but it never caught on. 


@ Fite Edit View Label Special 


Tom Dell 


x 


Catalogs 


FIGURE 6-1: Apple’s email on the desktop: PowerTalk. 


Apple chose to move away from the proprietary PowerTalk model and 
focus instead on the open TCP/IP-based standards of the Internet. It 
bought Glenn Anderson’s nifty shareware application MailShare and 
upgraded it to become the Apple Internet Mail Server (AIMS). AIMS is a 
Post Office Protocol (POP) and SMTP host that works nicely with inex- 
pensive email clients such as Qualcomm’s Eudora and Claris’ Em@iler. It 
runs on even the lowly MacPlus, and, in a move that endeared many Mac 
OS administrators, Apple gave it away for free. 
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FIGURE 6-2: Apple Internet Mail Server: ugly interface, great program! 


AIMS held the line until the release of AppleShare IP 5.0. The new mail 
server can use an AppleTalk-enabled client, such as Claris’ Em@iler Lite, 
which is bundled with Mac OS 8, and any Internet-enabled POP3 clients 
(also a capability of Em@iler). The server is fast, has a simple interface, 
and is fully integrated with AppleShare IP’s Users & Groups Data File 
and MIMEs. 


(= 
Macintosh HO 


déac OS ufo Certer 
Browse the Internet 


Mail 


FIGURE 6-3: Apple’s email on the desktop: Claris Em@iler Lite. 
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In this chapter I will show you how to set up and maintain the Apple- 
Share IP Mail Server. As a bonus, I will also show you how to provide 
mailing list and email-on-demand services using another Mac OS-based 
server, StarNine’s ListSTAR. I will talk about email clients in Chapter 8. 


HOW EMAIL WORKS 


Email was once a novelty, but now it is as vital to your organization’s 
communications as the telephone, fax, or pager. As early as the 1960s, 
people were leaving messages for each other in mainframe-based mail 
boxes (e.g., IBM’s PROFS). This same model is still employed by commer- 
cial on-line services and Bulletin Board Services (BBSs). Email was not 
originally intended to be a network application, but it was easily adapted 
to become one using TCP/IP. 


The original model for email communications works like this: A sender 
creates a message within a User Agent (UA), which we more commonly 
refer to as an email client application. The UA, which runs on the user’s 
host computer, communicates with a Message Transfer Agent (MTA), 
which resides on a mail host (mail server). Where two UAs are local to the 
same MTA, email is passed between the UAs. Where UAs are local to dif- 
ferent MTAs, the MTAs pass the email between each other and then, ulti- 
mately, the UAs. The whole process is referred to as the Message Transfer 
System (MTS). 
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FIGURE 6-4: Model of the Message Transfer System. 


The structure of a message is important to the process. It has three parts: 
the body, the header, and the envelope. The body contains the text that 
the sender wants the recipient to read. The header contains information 
about the message itself, such who sent it, when it was sent, its subject, 
the sender’s return address, and the recipient. All of this is enclosed in an 
envelope that provides MTAs with sender and recipient information. 


Received: from relay2.smtp.psi.net by smtp.trdell.com (AppleShare IP Mail 
Server 65.112108) id 80 via TCP with SMTP; Tue, 29 Jul 1997 13:24:53 -0800 


Received: from smtp.scionnet.com by relay2.amtp.psi.net (8.8.3/SMI-5.4-PSI) 
id QAA07036; Tue, 29 Jul 1997 16:17:31 -0400 (EDT) 


Received: from [38.247.58.4]) by smtp.scionnet.com with SMTP (Apple Internet 
Mail Server 1.1); Tue, 29 Jul 1997 13:24:51 -0800 


=O A9 0 TL 


Subject: Want to go up the hill? 
Date: Tue, 29 Jul 97 13:17:40 -0800 
x-mailer: Claris Emailer 2.0v2, June 6, 1997 


From: Jack <jack@smtp.scionnet.com> 
To: "Jill" <j111@scionnet.com> 


Mime-Version: 1.0 
Content-Type: text/plain; charset="US-ASCII" 
Message-ID: <1341939805-213227558@smtp. scionnet .cam> 


Jill, 


You know, all work and no play makes me a dull boy. What do you say we 
| break early for lunch and go fetch a pail of water. 


<a0 @ 


Jack 


FIGURE 6-5: Anatomy of an email message. 
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You are probably familiar with most of the terminology surrounding 
TCP /IP-based email. For instance, a valid email address includes a user 
name, which is associated with a hostname, separated by an “@” sign like 


Hostname 
jill@smtp.trdell.com 
LJ a 

User Name Domain Name 


This address does not designate a user’s host computer but rather a mail 
host on which the user has an account. (For simplicity many administra- 
tors configure their DNS in such a way that the organization’s domain 
name resolves to the mail host’s IP address as well. For example, 
“jill@trdell.com” would work just as well as “jill@smtp.trdell.com.” See 
Chapter 11 for details.) 


On the Internet, mail hosts use SMTP to move messages back and forth. 
This works fine for servers, but it makes less sense for client computers, 
which need only a few of the features of SMTP. POP was developed so 
that users do not need a full SMTP server on their desktop computers. 
When users wish to check for, read, and delete email, their email clients 
use POP. When they want to send email, their clients use SMTP. It works 
like this: 


Relay Local Jill 
Mail Host Mail Host Mail Host 


FIGURE 6-6: Typical SMTP/POP email transaction. 
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1. Jack wishes to send a message to Jill. He writes the message and press- 
es the Send button in his email client software. 


ST 
» & um 
> @& NoEnclsures 


You knows, all sork and no play makes me a dull boy. What do you say we 
i] break early for lunch and go fetch a pail of seater. 


Jack 


FIGURE 6-7: Example of an email client: Claris’ Em@iler. 


2. The email client adds a header and requests a connection with Jack’s 
local mail host on TCP port 25. The mail host responds with a server 
ID and a message that it is either available or busy. 


If the mail host is available, the TCP connection continues and the cli- 
ent sends a HELO command along with a fully qualified domain 
name. If the mail host accepts the connection, it responds with its 
own domain name. The client then sends the server a MAIL FROM: 
(sender) command, followed by a RECPT TO: (recipient) command, 
followed by a DATA command. At each step the server must 
acknowledge that it is ready to receive the information. When the cli- 
ent has finished, it sends a simple “.” (period) to the server to signify 
that it is finished. The server acknowledges and invites the client to 
send another message or to QUIT. 
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3. Jack’s local mail server stores the message on its hard disk. Eventu- 
ally, it initiates a connection with a mail server on Jill’s network via 
the Internet. This mail server is not actually Jill’s local mail host but 
rather one among many mail servers that has been singled out to con- 
nect to the Internet. It is referred to as a relay mail server. 


4. The relay mail server stores the message on its hard disk, Eventually, 
it forwards Jack’s message to Jill’s local mail host, which in turn 
stores the message on its hard disk. 


5. According to a schedule established by Jill, her email client opens a 
POP connection with her local mail host, allowing her to read the 
message. 


= Incoming Message: Want to go up the ht? = 2) & 


Subject : [Want to go up the hill? Received: 7/29/97 1:32:55 PM 


D> & (4) From: Jack, jack@smtp.sctonnet.com 
> & No Enclosures 


You know, all work and no play makes me a dull boy. What do you say we 
break early for lunch and go fetch a pail of water. 


Jack 


FIGURE 6-8: Reading an email message in Claris’ En@iler. 


This is the same model employed by the AppleShare IP Mail Server. It is a 
complete SMTP/POP mail host, so it can communicate with servers and 
clients on platforms other than the Mac OS. In addition, it can communi- 
cate with other Mac OS-based servers and clients using AppleTalk. For 
example, the relay mail host on Jill's network could have transferred the 
previously mentioned message to Jill’s local mail host via TCP/IP. Then 
Jill's email client could have read it from the local AppleShare IP server 
using AppleTalk. 


This same store-and-forward methodology works between multiple 
AppleShare IP servers on a LAN. Rather than having users log in to mul- 
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tiple servers to retrieve email delivered to multiple accounts, you should 
configure your AppleShare IP servers so that each user retrieves email 
from just one server. 


Imagine that Jack and Jill are users on the same LAN and that the LAN 
has two AppleShare IP servers: “AppleShare 5 Server” and “Office Mail.” 
Jack and Jill are registered users of both AppleShare IP servers, so both 
may copy files to and from either file server. Only Jack’s account on 
“AppleShare 5 Server” is enabled to receive email, however, as is Jill’s 
account on “Office Mail.” Whenever Jack and Jill want to send messages 
to each other, it is up to the two AppleShare IP servers to forward the 
messages to each other. Jack’s email client can then retrieve all of his 
email from “AppleShare 5 Server.” He does not need to log on to “Office 
Mail” separately to read a message from Jill. 


ESTABLISHING MAIL SERVICES 


If you have already created user accounts and assigned Internet aliases, 
as discussed in Chapter 4, then you have done half of the work necessary 
to establish AppleShare IP mail services. Here is what you need to know 
to do the rest. 


Configure DNS 


Mail hosts have special DNS requirements in addition to the usual IP 
address-to-hostname mappings required by other servers. Besides the 
Address (A) record, name servers must also identify mail hosts with Mail 
Exchanger (MX) records. If your network’s DNS is provided by an ISP or 
a larger IS department, you will need to work with its technicians to add 
an appropriate hostname and MxX record to the IP address mapping of 
your AppleShare IP server. The Mail Server is compatible with all stan- 
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dard implementations of DNS. If your network does not already have 
DNS, you can employ MacDNS, as described in Chapter 11. 


You can view the DNS information associated with your server computer 
by selecting the Show Network Info command from AppleShare IP Man- 
ager’s Manager menu bar item. 


TCP: Enabled 
DNS Name: smtp.trdell.com 


IP Address: 38.247.58.2 


AppleTalk: Enabled 
Macintosh Name: AppleShare 5 Server 


[al Zone Name: Public 


FIGURE 6~9: Viewing AppleShare IP Manager’s Show Network Info window. 


In addition to the server’s hostname and IP address, this window dis- 
plays the computer’s Macintosh name and AppleTalk zone. (This is for 
the server’s default port only; the mail server does not support multihom- 
ing.) 


The AppleShare IP server may use multiple hostnames. For example, 
“www.yoursite.com,” “ftp.yoursite.com,” and “smtp.yoursite.com” can 
all resolve to the same IP address. 


Launch Mail Admin 


To use the Mail server for the first time, launch the Mail Admin applica- 
tion. If you have AppleShare IP Manager running, press the second but- 
ton in the window (or choose the Open Mail Admin command under 
AppleShare IP Manager’s File menu bar item). You can also double-click 
on the application directly. 
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Web & File Admin: Running 
Web & File Server: Run 
Web: Enabled - 
File Server vie AppleTalk: Always Enebled 
_ File Server vie TCP: Enebled 
FTP: Enabled | 


——eg | Mell Admin: Running 

iy rl - Mat] Server: Not Running 
ac ‘Print Admin: Not Running 

A. 3 . Print Server: Not Running 


FIGURE 6-10: Launching Mail Admin from AppleShare IP Manager. 


This will open a password dialog box, in which you must enter the 
Administrator Name and Password. Press the OK button when you have 
finished. The Mail Server Activity window will appear. 


"Number of Messages: 
— Numiber of Active Users: 
Number of Usera Sending Mail: 


FIGURE 6-11: AppleShare IP Mail Admin and Its Mail Server Activity window. 


This window is designed to tell you if the server is running or stopped, 
how much email is stored on the hard disk, and how busy the server is 
sending email. 
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Launch Mail Server 


If the Mail Server application is not already running, you can launch it 
manually by choosing the Start Mail Server command under Mail 
Admin’s Server menu bar item (or by pressing the Command (%)-[ key 
combination). No additional interface will be presented, but the Server 
Status line in Mail Admin’s Mail Server Activity window will change to 
read “Starting Up,” and then “Running.” 


Enable User Access 


The Mail Server looks to the Users & Groups Data File for information 
about the accounts for which it should receive and deliver email. This 
information can be modified by opening user accounts in the Users & 
Groups List. 


GD amin 7/28/97, 2:28 PM 
| (9 Bete Reader 7/28/97, 9:45 AM 
(9 Cass Kove! 7/23/97, 3:19 PM 
(@ Client People 
® Colleagues 
1 {9 Den Goldberg 7/9/97, 6:23 PM 
a Guest 
(J Juliens Delt 7/9/97, 6:16 PM 
(3 Meil Administrator Never 
(} Phil Zarboules Never 
(@® Scion People 
Tom Dall 7/28/97, 9:45 AM 


FIGURE 6-12: Opening the Users & Groups List. 


As we discussed in Chapter 4, it is important that each user who will have 
email be given an Internet alias. A valid Internet alias must be unique and 
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consist of alphanumeric characters. It is not case-sensitive, and some 
“special” characters are permitted: 


189% de’ Wee =? 4 PA _~. 


You cannot type in an Internet alias that is the same as the name you 
typed in the Name field. If you want them to be the same, leave the Inter- 
net Alias field empty and then make sure that the name in the Name field 
is valid according to the criteria required of an Internet alias. 


| (CJ Enebte user to administer the server 


| oO Program linking 


| fi User maytogon [[] Disable logonasof:[ 7/28/97 | a7 
| {3 User may change password 
_ CA Requtrs new password on net top on 


sts es oe Parte tn | Bete ree Ate a te Noo te got creer ores eet ttn Fete 


FIGURE 6-13: Entering an Internet alias. 


Other criteria can be entered in the User window under Mail Settings in 
the pop-up menu. Note that the Internet alias is used in the email address 
that appears near the top of the window. This will be the user’s return 
address. Press the Enable Mail button to give the user email access. The 
User window will change to display the user’s POP account name. 
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| E-mail Address: tom@amtp.trdell.com 
Account Information -—-—— 


No Mail 
@Enedle aii GG Internet Q AppleTalk —~— 


POP Account Name: tom 
[Cd Require APOP Log On (Encrypted Pessword) 


FIGURE 6-14: Configuring user mail settings. 


If the user’s email client will be using Authenticated Post Office Protocol 
(APOP), also enable the Require APOP Log On checkbox. When APOP is 
selected, the email client encodes the user’s password so that it cannot be 
observed by a “protocol sniffer.” 


You may disable a user’s email access by pressing the No Mail button. 
The Mail Server will then deny access to the user and will no longer 
accept email for that account. Any email that was not retrieved will 
remain in the Mail Database. The only way to remove that mail is to re- 
enable user access. 


When you delete a user altogether, the Mail Server removes the user's 
email from the Mail Database. 


BASIC MAIL SERVER ADMINISTRATION 


The Mail Server does not have a window of its own. Its workings are 
reflected in Mail Admin’s Mail Server Activity window. Its parts are as 
follows: 
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1 Storage 


1 _ Mai 
| Yolume: MadDog 
Size: 99 K 


Status 


Number of Messages: 3 
Number of Active Laers: O of 12 
Number of Users Sending Mail: Oof 5 


FIGURE 6-15: Parts of Mail Admin’s Mail Server Activity window. 


) | This button launches AppleShare IP Manager. 
This button opens the Users & Groups List. 


¥ This button opens the Mac OS Date & Time control panel. It is important 

¥e to configure the server with the correct date, time, and time zone. The 
Mail Server time stamps each message, and an incorrect time stamp may 
cause other mail servers to mishandle a message. 


Date Formats. 


om Time =n a or Menubar dock 


San Francieco fa a city in the @on Qor 
currant time zone. 


oO Daylight Savings Time 


FIGURE 6-16: Configuring the Date & Time control panel. 
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he 
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The Mail Storage field displays the size of the Mail Database as well as 
the hard disk on which it is stored. 


The Status field displays several counters. The Number of Messages sta- 
tus line displays the total number of messages in the Mail Database. The 
Number of Active Users status line displays the number of users who are 
retrieving email. The Number of Users Sending Mail status line displays 
the number of users who are sending email. 


General Server Settings 


To make the Mail Server launch automatically whenever the computer is 
booted, select the Mail Server Settings command from Mail Admin’s 
Server menu bar item; then choose General in the pop-up menu. Here, 
enable the Start AppleShare IP Mail Server at system startup checkbox. 


Start AppleShere IP Mail Server at system startup 


Stop Accept! ng incoming Mail 
Suggested Minimum Free Disk Space: 2048 K 
Preferred Free Disk Space: K 


Yolume Name: MadDog 


‘i Storage Yolume 


{) Chenges teke offect after Mail Server restert. 


FIGURE 6-17: Configuring the server’s General options. 


A 
T 
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The Mail Server will use up all available hard disk space for its Mail Data- 
base except the amount you enter next to Preferred Free Space (in 
Kbytes) in the Stop Accepting Incoming Mail field. Apple recommends 
that you leave at least a dangerously low 2 Mbytes. I recommend that you 
leave no less than 20 Mbytes. 


You can also choose a different volume for the Mail Server to store the 
Mail Database on, in the Mail Storage Volume field. The Mail Database is 
stored in the “AppleShare IP Mail Folder” at the top level of the startup 
disk by default. You must stop the Mail Server, move the AppleShare IP 
Mail Folder to the new volume, and then restart the Mail Server to com- 
plete this operation. Verify that the Mail Server is storing mail on the cor- 
rect volume by checking the Mail Server Log. 


Note: The Mail Server will reset the access privileges of the AppleShare IP Mail 
Folder to None for the User/Group and Everyone categories automatically. This 
prevents unauthorized access to the Mail Database file. 


Mail Administrator 


When the Mail Server is installed, AppleShare IP automatically creates a 
mail administrator account with email access enabled. The account is oth- 
erwise disabled and does not have a password. 
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LI all ey aie 
SS _ 


[] Enable user to administer the server 


LJ Program linking 

G@ User may log on [i bisabte tog on a8 of: [7729797 ]fSI 
Gq User may change password 

L] Require new password on next log on 


FIGURE 6-18: The mail administrator account. 


All SMTP mail hosts on the Internet are required to have an account 
under the name “postmaster” (per RFC 822, the Internet Standard for the 
Format of ARPA Internet Text Messages). This rule was adopted to allow 
administrators to contact their counterparts on other systems when prob- 
lems arise. Under AppleShare IP, the mail administrator account serves 
this function by using the Internet alias “postmaster.” 


Do not disable or change the Internet alias of this account. However, if 
you would rather have administrator-level traffic come your own 
account, you may forward the email from this account to yours. 


Forwarding the Mail 


AppleShare IP can forward email from one account to another and from 
one mail server to another using either AppleTalk or TCP/IP. 
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Over TCP/IP 


If you want the Mail Server to forward email addressed to a user on 
another mail server over TCP, enable the Internet button in the User win- 
dow under the Mail Settings pop-up menu. A valid email address must 
be entered in the Auto Forward Address field. 


"E-mail Address: juliena@emtp.trdetl com 
| Account Informetion ———— 
‘QEnadis tail ~ @ internet — Dappletelk — 


Auto Forward Address: 


- i jcdell @smtp.scionnet.co 4! 


FIGURE 6-19: Forwarding the mail over TCP/IP. 


Over AppleTalk 


If you want the Mail Server to forward email addressed to a user on 
another AppleShare IP server over AppleTalk, enable the AppleTalk but- 
ton in the User window under the Mail Settings pop-up menu. A regis- 
tered user name must be entered in the Auto Forward To field (not an 
Internet alias). Next, use the Chooser button to open a dialog box in 
which you can select the other AppleShare IP server. 


286 ¢ AppleShare IP 


Mail Settings Vv 


E-meil Address: dan@emtp.trdell.com 
Account infor mation 


@ No Mail 
GQ Enebie Mail © Internet @ AppleTalk ——- 
Auto Forward To: 


User Name: |DanGoldberg 


Server Location: 


AppleTalk Zones: 


LocelTalk AppleShare 5 Server 
Management Office Mail 
Marketing 

Production 

Remote Access 

Training 


FIGURE 6-21: Selecting AppleShare IP Server to receive user email. 


Staying in Sync 


One way to synchronize the Users & Groups Data Files on multiple 
AppleShare IP servers is to create all of the necessary user accounts on 
one machine first and then export them to other servers. This is done by 
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selecting all of the accounts in the Users & Groups List and choosing the 
Export Users and Groups command from Web & File Server Admin’s 
File menu bar item. 


7/9/97, 6:23 PM 


7429/97, 1:22 PM 
7/9/97, 6:16 PM 


fpr 


FIGURE 6-22: Exporting users and groups. 


| ( ez Group names cannot be 

exported. 

Users who ere members of the 

selected groups will be exported. 
Export Attributes 

Name; AppleShere S Server 

‘By internet Altes 

[_] Comments 

E-mail Attributes 


J 
| 


FIGURE 6-23: Maintaining Internet aliases and email attributes. 
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After you press the Save button, be sure to use the dialog box that 
appears next to preserve the accounts’ Internet aliases and email 
attributes. You may then import the resulting file into each Mail Server. 
(Santorini’s Server Manager offers easier options. See Chapter 9.) 


For users local to a given Mail Server, simply enable email access in their 
accounts. For users local to another Mail Server, enable email access to 
their accounts but forward their email to their local server. 


If you set up new forwarding for a user, the Mail Server immediately 
begins forwarding that account’s email. The user must connect to retrieve 
any email that was stored in the Mail Database before the Mail Server 
began forwarding. 


Routing Email 


Email addressed to a computer with an IP address that the Mail Server 
cannot obtain via DNS is said to be destined for an “unknown host.” In 
such situations it is customary to forward the email to a relay mail host to 
which the destination might be known. For example, email addressed to 
users on your local network is delivered directly, but email destined for 
users on the Internet may be routed through an SMTP mail host operated 
by your ISP. 


To forward email to a relay mail host, select the Mail Server Settings 
command from Mail Admin’s Server menu bar item. In the Mail Server 
Settings dialog box that appears, select Mail Routing in the pop-up 
menu. Next, enable the Forward mail that has an unknown host to ser- 
vice checkbox. 
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Log Group members without an'E~meil-eddrops’ 
Forward mail thet hes an.unknown host to service: 
@appietalk Q tce 
Sarver Name: 


Server Zone: 


Chooser... 


Stop Delivery of Undsliverable Mail After: ene 
| sm 72 hr Minimum: 12 hr Currests[72_] br 


[J Log Group members without en E- mel] address 
8 Forward met] thet hes an unknown host to service: 
QaAppletalk @ tcp 


Name of Server or IP Address: 


smipscionetcon] 


Stop Delivery of Undeliverable Mail After: 
Suggested: 72 be. Minimum: 12 hr Current: {72 | he 


| 


FIGURE 6-25: Enabling mail routing over TCP/IP. 


290 « AppleShare IP 


If the relay mail host is another AppleShare IP server, perhaps the only 
one of several that is connected directly to the Internet, you can forward 
the email using AppleTalk. This is configured in the same way that you 
forward between user accounts. If you do not wish to use AppleTalk, or if 
the relay mail host is not an AppleShare IP server, press the TCP button 
and identify the relay mail host by hostname or IP address. 


Group Mailings 


Users may send email to an entire AppleShare IP group as easily as to a 
single user. All they need to do is specify the group name as a recipient. 
When the Mail Server receives a message addressed to a group, it delivers 
a copy of the message to each user in the group. 


Name: | Scion People 


(Q Cass Kovel 

(9 Dan Goldberg 
(9 Julians Dell 
(9 Phil Zarboulas 
(9 Tom Det! 


FIGURE 6-26: A group and its membership. 


names conform to the same conventions required for Internet aliases. 


A\ Note: If you expect users to address messages to groups, be sure that the group 
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Increasing Concurrent Connections 


The Mail Server permits 12 concurrent POP connections (for retrieving 
email) and 5 concurrent SMTP connections (for sending email) by default. 
To increase the number of available concurrent POP and SMTP connec- 
tions, you must allocate additional memory to the Mail Server. Each 
megabyte of additional memory permits five more concurrent POP con- 
nections and three more concurrent SMTP connections. 


System Folder | 


— 


AppleShare FP Mail Server 
AppleShare IP S.0f404 
Kiad : apptication program 
Size : 832K on disk (802 298 by tes used) 


Where : Maddog: System Folder : 
Extensions : 


Created: Wed, Mar 26, 1997, 12:00 PM 
Modified: Fri, Apr 4, 1997, 1:27 PM 
Verstea : 5.0f401, © Apple Computer, inc. 


AppleShare P Web & File 
AppleShare P Web & File Ca 
AppleShare P Web & Fie Sell | 


“Memory Requirements ae, 
Suggested size: 


4228s ppea ypmeonnaan 


as Paves rereoresenteer: 


Sete etre ts 
AeeshecatdenunacngshndseNssenasenad Phase nea tenees mnseaneeanseonns Fai 


the Memory contro) panel. | 


FIGURE 6-27: Allocating more memory to the Mail Server. 


According to Apple, each POP or SMTP connection can support between 
three and five users if they typically send and receive small messages. 
You should allow for between two and four users per POP or SMTP con- 
nection if they typically send and receive large messages or if they con- 
nect to the Mail Server frequently. Allocating more memory also shortens 
the time it takes for users to retrieve large messages. 
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To allocate additional memory to the Mail Server, select the AppleShare 
IP Mail Server extension in the Extensions folder of the System Folder, 
and choose the Get Info command from the Finder’s File menu bar item. 
Next, increase the memory allocation in the Preferred size field. 


A limitation that you should be aware of is that the maximum number of 
messages a user can retrieve in one POP connection is 2048. If the user has 
more than that on the Mail Server, he will have to delete some messages, 
disconnect from the Mail Server, and then reconnect to it. 


Working with Outgoing Messages 


In addition to Mail Server activity, you can get a look at the server's 
workings by viewing the contents of the Outgoing Mail window. To open 
it, choose the Show Outgoing Mail command from Mail Admin’s Server 
menu bar item. 


Mail Item Status 
Stop Delivery 


Size (K) Date Received AppleTelk TCP 


EF tomesmtp.trdell.com 7/28/97 6:19 PM 


FIGURE 6-28: The Outgoing Mail window. 
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Here you can view information for each outbound message: the name of 
the sender, the size of the message, the date and time that the Mail Server 
received the message, and the protocol over which it is being sent (Apple- 
Talk or TCP). 


Size: 531 
. Sender: tomeamtp.trdet!.com 
Time Received: 7/28/97 6:20 PM 
Lest Transfer Time: 7428/97 6:20 PM 


Weiting to be Delivered: 2 
Delivery Completed: 0 


(ECE 
i oK | 


FIGURE 6-29: Viewing the Mail Item Status window. 


To view information about an individual message, select the message and 
press the Mail Item Status button. The Message field of the Mail Item 
Status window displays the message’s ID, size, sender, time sent, and the 
last time the Mail Server tried to send it. Under Number of is delivery 
information such as: 


e Recipients. The number of recipients to whom the Mail Server is 
responsible for delivery, as opposed to other recipients who might be 
listed in the original message but for whom another mail server is 
responsible. 


¢ Errors. The number of recipients to whom the Mail Server has not 
been able to deliver the message. 


e Waiting to be Delivered. The number of recipients to whom the Mail 
Server is attempting to deliver the message. 


¢ Delivery Completed. The number of recipients to whom the Mail 
Server has delivered the message. 
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For email destined for multiple domains, the Mail Server employs a 
round-robin scheme to ensure that each domain receives equal attention. 
For example, after three minutes of attempting to connect to “theirsite. 
com,” the Mail Server begins trying to connect to “thatsite.com.” After 
the Mail Server has been exchanging email with “thatsite.com” for 30 
minutes and there is still email present that is destined for “theirsite. 
com,” the Mail Server will disconnect from “thatsite.com” and try “their 
site.com” again. 


Log Group members without an E-mail address 
08 Forward mali that has an unknown host to service: 
Qappletelk @cP_ | 


Neme of Server or [P Address: 


smtpscionnet.com| 


Stop Delivery of Undeliverable Mail After: 


se 72 hr Mintmum: 12 hr Current: hr 


FIGURE 6-30: Establishing the time when email is considered “undeliverable.” 


The Mail Server tries to deliver a message for 72 hours, by default. This 
value can be changed in the Mail Server Settings dialog box under the 
Mail Routing pop-up menu. The minimum value of the Current field is 
24 hours, and the maximum value is 336 hours (two weeks). 


If you know that one of the messages you see in the Outgoing Mail win- 
dow is undeliverable, select it and press the Stop Delivery button. This 
will open a dialog box in which you can inform the sender that the mes- 
sage did not go through by enabling the Notify sender of Stop Delivery 
checkbox. 
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Are you sure you want to Stop Defivery of the 
selected message (s)? 


[x] Notify sender of Stop Delivery 


When you press the Stop Delivery button, the Mail Server will stop try- 
ing to send the message and will remove it from the window. The sender 
will get a message similar to this one: 


incoming Message: Non-Delivery Report 


Subjot:[Non-Detivery Report) (Reontved: 7/29/97 1:09:24 PM 


> & FE) From: Postmaster, Postmaster@smitp.trdell.com 
> # NoEnclsures 


Could not deliver message (10-60). 
Local account ‘jill’ is unknown. 


Original message text follows (first 16K oniy): 


Received: from relay2.satp.psi.net by satp.trdell.com (AppleShare IP Mail 


Server 65.112108) id 60 via TCP with SNTP; Tue, 29 Jul 1997 13:14:23 - 
0800 


Received: from satp.scionnet.com by relay2.satp.psi.net (8.8.3/SNI-5.4- 
PSI) 
id QAAO2329; Tue, 29 Jul 1997 16:04:24 -0400 (EDT) 
Received: from [38.247.58.4] by smtp.scionnet.coa 
with SHTP (Apple Internet Mail Server 1.1); Tue, 29 Jul 1997 13:11:42 - 
0800 
Subject: Want to go up the hill? 
Date: Tue, 29 Jul 97 13:04:31 -0800 
x-mailer: Claris Emailer 2.0u2, June 6, 1997 
From: Tom Dell <trdellesatp.scionnet.com> 


FIGURE 6-31: Notification that email was undeliverable. 


Working with Mail Server Logs 


The Mail Server maintains a log of normal operating events and an error 
log containing information about operational problems. The default size 
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of these logs is 128 Kbytes, but you can change that in the Mail Server Set- 
tings window under the Mail Logs pop-up menu. 


Suggested: 128 K 
Minimum: 64 K 


Current: K 


Error Log 


Suggested: 128 K 
Minimum: 64 K 


Curront: K 


FIGURE 6-32: Setting the Size of the Server Log and Error Log. 


The Current field displays the maximum size of the log, which is the larg- 
est size to which the log can grow before the Mail Server begins removing 
its oldest entries to make room for new ones. The minimum size of each 
log is 64 Kbytes. 


To view the Server Log and Error Log, select the Show Mail Server Log 
and Show Mail Error Log commands from Mail Admin’s Server menu 
bar item. 


Viewing the Server Log 


The Mail Server Log window contains buttons for saving, printing, and 
clearing the log’s entries. These entries include: 


¢ When the Mail Server was stopped or started. 
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The location of the Mail Database. 


When successful POP connections and failed attempts occurred. The 
latter are identified as being caused by one of the following factors: 


aa 
EF 
8B 
-_ *.* * * &®& & & 


© 


. - * ” - .- . » . . - » ~~ 


ERERE 


- 


“+ * % 


« 


Save Log to Disk 
Print Log 
Clear Log 


Total date transferred (k): 94 
Total recipients transferred: 2 
Total connect time (seos): S 
User “Tow Dell” logged on successfully. 
User “Tom Dell” logged off. 
User “Tom Dell” connected over AppleTalk from: Ket: 501, Node: 236, 
User “Tom Dell” logged on successfully. 
User “Tom Dell” logged off. 
Inooming connection established over AppleTalk... 
Connection DDP address is: Net: 501, Node: 236, Sooket: 248 
Server posted message (ID=35) from “ton@satp.trdell.com” of size 47 
Incoming connection established over AppleTelk... 
Connection DDP eddress is: Met: 501, Node: 236, Socket: 246 
SUTP Server posted messege (ID=41) from “tom@satp.trdell.com” of size 1 | 
SFP Incoming connection established over AppleTelk... 
Connection DDP eddress is: Met: 501, Node: 236, Sooket: 248 
SMTP Server posted messege (IDe46) from “tom@smtp.trdell.com" of size 1 @ 
:15 Pt! - A POPS ecoount for User “Phil Zerboules” (“phil”) has been oreated. 
:11 Pt! - SrP connected to server “sutp.scionnet.com.” using TCP/IP to send messag 
714 Pti - SIFP Sent Message ID: 35, Size (k): 47, Recipient(s): 1, Time (secs): 2 
715 Pil - SFP olosed connection to TCP/IP server “satp.scionnet.coa.”. 
Total messages trensferred: | 
Total date transferred (xk): 47 
Total recipients transferred: 1 
Totel connect time (seox): 4 
SHTP connected to server “satp.scionnet.com” using TCP/IP to send messag 
SUTP Sent Messege ID: 46, Size (k)}: 1, Recipient(s): 2, Time (seos): 1 
SMTP closed connection to TCP/IP server “satp.scionnet.com". 
Total messages transferred: 1 
Total data transferred (k): 1 
Total recipients transferred: 1 
Total connect time ’ 


FIGURE 6-33: Viewing the Mail Server Log window. 


An incorrect password was supplied. 

An encrypted (APOP) password was required but not supplied. 
Email access is not enabled for the recipient. 

APOP authentication failed. 
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5. Anunknown user name was supplied. 
6. The user is already connected. 
When users change their passwords. You are also told when a user 


was allowed to connect with an expired password was allowed to 
connect even though his or her password needs to be changed. 


When successful SMTP connections and failed attempts occurred. 
Messages that the Mail Server is no longer attempting to deliver. 
The creation and deletion of mail accounts in the Mail Database. 


When the server’s AppleTalk was turned on and off and when its 
AppleTalk zone changed. 


When the server's TCP/IP was turned on and off and when changes 
were made to its hostname name or JP address. 


When the log was cleared. 


When messages were forwarded because they were intended for an 
“unknown host” (e.g., via a relay mail host). 


Viewing the Error Log 


The Error Log window also contains buttons for saving, printing, and 
clearing the log’s entries. Its entries include: 


When the Mail Server failed to start, for one of the following reasons: 
1. There is incompatible software present, such as old versions of the 
system or Open Transport. 
The Mail Database’s volume could not be found. 


The Mail Database could not be created because there was not 
enough free space on its volume. 


4. Another service is using the SMTP TCP/IP port, SMTP Apple- 
Talk port, or POP TCP/IP port. 


5. There is insufficient free memory. 
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Save Log to Disk 
Print Log 


Ptl - Mail Server was started at: Tue, Mar 25, 1997 3:42:25 Pt 
Ptt — Meil Server was shut down at: Tue, Mar 25, 1997 3:50:03 Pt 
Pt! - Mail Server was started at: Set, Jul 26, 1997 4:02:49 
Pt - Server was shut down at: Sun, Jol 27, i997 &: 07: 

Server was started at: Mon, Jul 28, 1997 11: 
Server was shut down at: Hon, Jul 28, 1997 2: 
Server was started at: fon, Jul 2, i997 2:36: 
group named "Soion People” contains 
ee Oe a ae e 

Server was shut down at: Mon, Jul 28, 1997 2:4 

Server was started at: fon, Jul 268, 1997 6:01: 
group nemed “Soion People” conteins " obaraoters which ere invalid on the 
ase change the nese if you want users to be able to eddress mail to this 


EEeE 


EEs 


125 
:03 
149 
:37 
2399 
126 
:39 
721 
:21 
3S 
733 
736 
136 


Prt 
Prt 
Prt 
Prt 
Pt 
Prt 
Pt 
Prt 


SV EERT 


FIGURE 6-34: Viewing the Error Log window. 


¢ When the Mail Server failed to deliver email because email access 
was not enabled for a user. 


¢ When the Mail Server refused incoming email because the free disk 
space threshold was reached. 


e When email addressed to a group name contains invalid characters. 
¢ When the Mail Server sent a “non-delivery report” to a user indicat- 
ing that the user’s email could not be delivered. 


You should review these logs periodically to identify recurring problems. 


Backing up the Mail Database 


The AppleShare IP Mail Database, stored by default in the AppleShare IP 
Mail Folder at the root level of the Startup Disk, is as important to the 
Mail Server as the Users & Groups Data File is to AppleShare IP overall. It 
contains all incoming and outgoing email that has not yet been read or 
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delivered. Take great pains to ensure that both the Users & Groups Data 
File and the Mail Database get backed up regularly. 


oS IP Mal Database 


FIGURE 6-35: Locating the Mail Database. 


Before you back up the Mail Database, stop the Mail Server. This prevents 
the database from changing during the backup process, thereby ensuring 
its internal consistency. You can do this manually, with an AppleScript or 
some other scripting utility. (Refer to this book’s accompanying CD-ROM 
for an example.) 


ANOTHER EMAIL SERVICE: LISTSTAR 


A useful addition to your organization’s network services is StarNine’s 
ListSTAR. This application is a Mac OS-based list server that supports 
email-based discussions by enabling a user to send a message to the 
server which is then forwarded to all members of a given mailing list. 
Users can subscribe to the service automatically by submitting an email 
message containing a keyword, such as “subscribe” in the Subject field. 
Thanks to the wonders of Internet email, these mailing lists can be com- 
posed of users from all over the globe. 


ListSTAR can also function as an Email-On-Demand (EOD) system. Just 
as a fax-back system responds to a telephone call, ListSTAR responds 
automatically with email whenever a user requests information. 


¥ 
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To perform these functions, ListSTAR allows you to configure a number 
of different services. Among other things, it can help to reduce your user 
support burden while improving the level of service. I will show you how 
to do that here. 


Configuring ListSTAR 


ListSTAR’s installer creates a folder on the Startup Disk that contains the 
server application and several subfolders. The “ADMIN” folder contains 
preferences, email account information, logs, and other administrative 
software. The “Message Spool” folder contains incoming and outgoing 
messages. The “Services” folder contains preferences for every service 
you establish, as well as any email enclosures that those services are 
meant to distribute. The “AppleScripts” folder contains scripts that auto- 
mate ListSTAR’s functions. The other folders contain samples and docu- 
mentation. 


FIGURE 6-36: Viewing the contents of the ListSTAR folder. 


Once you have taken the time to configure ListSTAR, the loss of any one 
of these folders would be. keenly felt. Back up the ListSTAR folder after 
you have finished the configuration, and regularly thereafter. 
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Fae Edit Administration Windows Font Size Scripts 


Jf default New Service 
of Administration New Service 
old Emai-Gn-Demend 0... New Service 
old Emai-Gn-Demand T... New Service 
old Listserver Demo New Service 
old Listserver Timer New Service 


ListSTAR Log 


12:38:43 PM (100): 


Initializing version 1.1.0 of ListSTAR Package. 
12:38:47 PM (100): ListSTAR Administrotor Address: postaaster 
: Key Validated. 
: :; Using Open Transport for 68k. 
12:38:50 PM (100): 
Date: Wednesday, July 30, 1997. 


FIGURE 6-37: The ListSTAR Services and ListSTAR Log windows. 


When you first launch ListSTAR, you are presented with the ListSTAR 
Services window and the ListSTAR Log window. Ignore these for now. 
We must first set ListSTAR’s preferences. 


Configure General Preferences 


Select the General Preferences command under the Windows menu bar 
item to open the ListSTAR Preferences window. The General category 
contains instructions for how much time ListSTAR will spend attempting 
to deliver queued mail, how many details it will record in its logs, and 
whether or not it will run in a “threaded” environment. 


There is little need to change the settings in the Outgoing Mail Queuing 
field. Email might not go through initially because the destination mail 
host is down or busy. However, if you know a regularly used mail host is 
unavailable for periods longer than those set in the defaults, you may 
want to change them. 


What you choose in the Logging Level pop-up menu determines how 
much information ListSTAR will record about each session. The default 
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Message Logging is usually sufficient, but selecting higher levels will 
provide you, or StarNine Tech Support, with more valuable troubleshoot- 
ing information. 


Below the Logging Level pop-up menu is the Threads field. The Enable 
Thread Support checkbox should be selected. When running under Sys- 
tem 7.5 and newer (and earlier System 7.x with the Thread Manager 
extension installed), ListSTAR can open a number of simultaneous con- 
nections. Without Thread Manager support, ListSTAR can open more 
than one connection simultaneously but can move email over them only 
one at a time. 


Display... | O message(s) queued. 
Retry queued mail after minutes. 
Return queued mail after [14 ] days. 


{ L Level 


{ 
} Threads 


[ef Enable threads support 


Status Window gS 


FIGURE 6-38: Setting general preferences. 


Configure Naming Host Preferences 


Select the Naming Hosts category in the ListSTAR Preferences window. 
Type the list server's domain name in the My Hostname field (e.g., “lists. 
yoursite.com”). See Chapter 11 for information on establishing Domain 
name-to-IP address mappings. 
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{\ 


9 


lists sotonnet.com 


Default Mail Host 


[smipsotornetcond 


fx Send all mail to default host. 


FIGURE 6-39: Setting up hostname preferences. 


Next, in the Default Mail Host field enter the hostname of a mail host, 
presumably your AppleShare IP Mail Server, to forward email to for 
delivery (e.g., “smtp.yoursite.com”). 


There are two TCP/IP-based flavors of ListSTAR. ListSTAR/SMTP oper- 
ates as its own stand-alone mail host and can deliver its email directly, 
but you may off-load the work to the default mail host by selecting the 
Send all mail to default host checkbox. ListSTAR/POP can be config- 
ured with the same services that ListSTAR/SMTP provides, but it requires 
that another mail host forward its messages. 


Note: It is unwise to run ListSTAR/SMTP on the same machine that is running 
the AppleShare IP Mail Server, because both servers listen for incoming messages 
on TCP Port 25. You may safely run ListSTAR/POP on the same computer that 
is ranning AppleShare IP Mail Server. 
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Configure Enclosures Preferences 


Select the Enclosures category in the ListSTAR Preferences window. In 
addition to plain-text email, ListSTAR can send out file enclosures. To 
pass these enclosures through various other email systems, however, it 
must translate them into a binary format. It is an Internet convention to 
encode file enclosures in one of several widely accepted formats. 


What you choose in the File Translations pop-up menu determines how 
ListSTAR will deal with straight text file enclosures in outgoing mail. The 
default of Append TEXT files to Mail directs ListSTAR to add the con- 
tents of the enclosure to the body of the email message itself. 


Out Enclosure Translations 
File Translations : 
reo Fes: 
Fe Compcestn: 


Naming Hosts [ Encoding: Binhex 4.0 Vv 


iy | LJ Limit total enclosure size to [____|k oytes. 
Pen ure ) Outgoing Body Translation 
Body Translation: |_RFC 822-987 USA v 


Status Window Pa 


FIGURE 6—40: Setting enclosure preferences. 


The default Keep as separate files in the Multiple Files pop-up menu 
ensures that ListSTAR will not pack different file enclosures together. 
Imagine that you have one text file and one application (binary) file that 
you wish to send to a mailing list. Under this preference, ListSTAR han- 
dles the text file based on the criteria established in the File Translations 
pop-up menu, and the binary file using criteria established under the 
Encoding pop-up menu. In this case, two enclosures leave the list server. 


If you know that ListSTAR is distributing files to Macintosh users only, 
perhaps because it is on an intranet, you may save users some transfer 
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time by enabling StuffIt compression in the File Compression pop-up 
menu. 


Of the many options in the Encoding pop-up menu, there are only three 
that most administrators will need to think about. 


1. The default choice is Binhex 4.0, which is used to turn binary data into 
ASCII text and back again. This method works best when you have 
Mac OS file enclosures that you know are going to other Mac OS users. 


2. Choosing Data fork Only will direct ListSTAR to apply the UNIX 
standard UUencode algorithm on the data fork of a Mac OS file and 
discard the resource fork. If the ultimate destinations of these enclo- 
sures will be other Mac OS users, this deprives them of resource 
information needed by the Mac OS, but if the ultimate destinations 
will be users of older PCs or UNIX machines, Data fork Only is the 
best choice. 


3. Ifyou choose AppleSingle, ListSTAR translates the Mac OS file into a 
file format that permits both its data and resource forks to be recre- 
ated on the receiving system; then it encodes this resulting file using 
the UNIX-standard UUencode format. 


Refer to the ListSTAR Administrator’s Guide for complete information. 


If necessary, you may limit the size of outgoing messages by setting the 
Limit total enclosure size to option. This fail-safe ensures that your list 
server is not overwhelmed by large files. 


You may determine how the Macintosh’s 8-bit characters will be trans- 
lated for systems using 7-bit character sets in the Body Translation pop- 
up menu. I suggest that you stick with the default RFC 822->987 USA 
option because it works even on the oldest email systems. 


These settings affect all email leaving ListSTAR. 


Configure Status Window Preferences 


Select the Status Window category in the ListSTAR Preferences window. 
Enabling the Display ADMIN Status Window checkbox displays a use- 
ful monitor of ListSTAR’s activity. The numbers you set in the Count 
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mail messages every field determine how much time ListSTAR will 
spend counting messages. Every 15 minutes is usually often enough 
unless you are troubleshooting. 


Display ADMIN Status ‘Window 


Count mail messages every 4S | 
Limit mafi count to a max of 100 


Total received: 0 mess. 
Gateway started: Jul 20, 12:38 PM 
Spool folder size: > OK 
Free sys heap mem: 26K 
Free app heap mem: 977K 
Free disk space: 1119354K 
Processing state: ile 


FIGURE 6—42: The ListSTAR Status window. 


ListSTAR will stop counting messages after it reaches the number you 
specify in the Limit mail count to a max of field. Make this number 
smaller than 100 to limit the load on the processor. 
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Configure SMTP/TCP Preferences 


* of Incoming Connections : [s__vj 
Tep Command Timeout : [27 iv] 


FIGURE 6-43: Setting SMTP/TCP preferences. 


Select the SMTP/TCP category in the ListSTAR Preferences window. 
Here you can modify how ListSTAR will work with TCP/IP and the 
threaded environment mentioned earlier. 


With the default of 5 in the # of Incoming Connections pop-up menu, 
you get a total of 11 concurrent processes, or threads. Five of these listen 
for incoming email, four send email, one is the main thread, and one more 
can also act as a sender. 


FIGURE 6-44: The ListSTAR Threads window. 
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The TCP Command Timeout pop-up menu controls how long ListSTAR 
will wait for a response from a mail host before assuming it is unavail- 
able. The default is 127 seconds, but you might have better luck with 255. 


If you are running ListSTAR on a non-Open Transport computer, the 
NameResolver pop-up menu will have some relevance. It determines 
whether or not ListSTAR will call on MacTCP or on its own built-in 
resolver to query DNS. I recommend that you use Open Transport, how- 
ever, in which case this menu will be grayed out. 


If you select the Ping before opening connection checkbox, ListSTAR 
will try to make sure that a remote host is available before attempting to 
communicate with it. Disable this if you are running ListSTAR/POP 
alongside AppleShare IP Mail Server. 


Configure Date and Time 


To ensure that ListSTAR generates the correct time in its email headers, 
you must tell it what time zone it is in relative to Greenwich Mean Time 
(GMT). You can do this by pressing the Set Time Zone button in the Date 
& Time control panel, and then choosing the city nearest you in the list 
that appears. 


a.) Selecta chy inthe currenttime 
zone... “s 


San Diego, USA. 
an Francisco, USA. 
San José, Costa Rica 
San Salvador, El Salvador 
Sanaa, Yemen 
"[Santiago, Chile 


Establishing Administrative Services 


ListSTAR’s services are composed of individual email accounts that are 
associated with a set of rules. These rules control how messages sent to 
the email accounts will be handled. 
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Services are defined as one of two types: SMTP or Timer. SMTP services, 
such as list services and EOD, react to keyword-coded email (e.g., “When 
an email comes in that says this, do that”). Timer services, such as list 
server digest distribution and log forwarding, react to schedules (e.g., 
“When it is that time, do this”). 


An SMTP service must both send and receive email, so it requires its own 
email account. A Timer service need only send email, so it does not 
require its own email account. 


New Service 
¥ Administration 12:46 PM Wed, Jul 30, 1997 


old Emai-Crr-Demand 0... New Servive 
old Emai-On-Demand T... New Service 
old Listserver Demo New Service 
on Listserver Timer 


FIGURE 6-45: Services available in the ListSTAR Services window. 


When ListSTAR is first launched, several administrative services are 
made active. These are listed in plain text in the ListSTAR Services win- 
dow. In addition, several demonstration services are available but inac- 
tive. These are listed in italics. The services that are active are Timer and 
SMTP services, set up to automate ListSTAR’s administrative functions. 


Modify the Default Service 


The “default service” handles all email not addressed to any other ser- 
vice. To configure it, double-click on its line item. In the Service Prefer- 
ences window that appears you will see icons for both the service’s email 
account information and the associated rules. 


In the Account window, edit the Email Address field to reflect your site 
(e.g., “MAILER-DAEMONGlists.yoursite.com”). 
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SMTP Account Information 


Friendly Name: |Mail-Delivery-Subsystem 
Email Address: | MAILER-DAEMONG@Hists scionnet com 


FIGURE 6-46: Setting default service account preferences. 


“default” Service Preferences === 


Mailer-Daemon Mail 
oatch majordome 
oatch listsery 
catoh listproo 
catch liststar 
oatch listmaster 
catch postmaster 

¥ Return all 


Rename... 
Daptonte 


FIGURE 6-47: Setting default service rules preferences. 


In the Rules window you can determine how ListSTAR will handle mis- 
addressed email. To get an idea of how this works, double-click on the 
“Return all” list item to examine its criteria. 


312 « AppleShare IP 


CJ Enclosure is present 


LJ Message priority 
Miscellaneous Tri s 


L] Execute AppleScript Nothing Selected 


Mailing-list 


FIGURE 6-48: Examining default service content triggers. 


Rules are basically “if-then” instructions: If you see a red light, then stop 
at the intersection (a logic that is foreign to many of my fellow San Fran- 
ciscans). In the default service, the settings in the Content and Reply win- 
dows work together to complete the if-then statement. For example, If 
you get a message, then: 


eply Actions 
[1] Add enclosure(s) 


Actions 
Add message 


The recipient address does not exist. 


LL] Add fite Nothing Selected (eae) 


Cl Add processing history 


Add original message body 


FIGURE 6-49: Examining default service reply and body actions. 
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1. Reply to the sender by appending the subject with “Re:” and... 
2. add the message “The recipient address does not exist” and... 


3. add the original message body to this reply. 


The instructions go on in the Miscellaneous window to say: When you 
have done that, stop processing the email and record your actions in the 
“ListSTAR log” by saying “Mail to unknown service returned.” 


fa Stop rule processing 

Led Write message to “ListSTAR Log” 

[J Add entry to Transaction Log 

[EJ Fite mail in folder _  Natti¥ing Selected. 


» Goran w]e 


[J Copy mati file to 
[2] Execute AppleScript 


FIGURE 6-50: Examining default service miscellaneous actions. 


This is the basic model of how all services work. To see or enter a sum- 
mary of a service’s functions, select the Rule’s Comment window. 
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This rule will return mail to an unknown address to the sender. There 
are ather actions that could be done like filing/for warding or auditing 
the address for a “close” match to a different service...| 


FIGURE 6-51: Examining default service rule’s comment. 


Note: If you change the name of this service, be sure to include a blank space before 
the new name. It needs to be at the top of the ListSTAR Service window to execute 
at the right time. 


A> 


Modify the Administration Service 


The “Administration” service does not handle incoming email and so 
does not require its own email account. Its job is to file ListSTAR’s vari- 
ous log files within the subfolders of the “Administration” folder that is 
in ListSTAR’s “Services” folder. 
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fy LogFileHanding 1 3:59 AMFri,Sep 20,1... | 
Jf Transaction Log Hand1.. 3:59 AM Fri, Sep 20, 1... 
Jf Generate Configuratio... 3:39 AM Fri, Sep 20, 1... 


Jf Generate Usage Report 3:39 AM Fri, Sep 20, 1... 
Jf Rename Address List ... No Hits 
Restart the server No ties 


FIGURE 6-52: Examining rules in the Administration Services window. 


You may change the folder to which logs are saved or have the service 
forward some or all of the logs to your email account here. 


It is beyond the scope of this book to illustrate every possible ListSTAR 
configuration. However, I will show you a configuration that can help 
you greatly in supporting your end users, the topic of Chapter 8. 


Establishing Email-On-Demand 


To familiarize you with ListSTAR further, let’s set up a new service. This 
requires little effort because StarNine thoughtfully created several 
scripted templates that need only minor modification to reflect your exact 
needs. 


‘Let's use this initial service to answer common user questions. We will 
name it “Tech Support EOD.” This new service will: 


1. Collect email under the account name of “FAQ” (for “Frequently 
Asked Questions”). 
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2. Accept messages addressed to “FAQ@lists.yoursite.com” which con- 
tain the word “index” in the Subject field and respond with a mes- 
sage form that contains an index of available topics. 


3. Enclose the requested files and reply, based on the selections made in 
the form and returned by the user. 


4, Update the index daily. 
5. Collect the email addresses of users who have asked for information. 


6. Log all transactions. 


Here is how you go about it. 


Scripts [sy 
tmport Any Template 
New Announcement List 
New Closed Mailing List 
New Corporate Autoresponder 


New Emall-On-Demand 
New Mailing List 

New Moderated Mailing List 
New Vacation Service 
Rename Address List Files 


To begin, select the New Email-On-Demand command from ListSTAR’s 
Scripts menu bar item. This will direct ListSTAR to create all the files nec- 
essary for a new service from its templates and to ask you for basic infor- 
mation. 


——— a = 


Executing script “New 
Emailt-On-Demand”,. 


The script will first ask you to submit an address for the list server's 
administrator, or “listmaster.” This can be your own email address or, 
better yet, the Internet alias for AppleShare IP’s Mail Administrator 
account (e.g., “Postmaster@yoursite.com” ). 
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ie Please enter the email address for the 


Postmaster@scionnet.com 


Next, you must tell the script what name it should use for the service’s 
email account. 


a Please enter the address for 


That done, the script will ask you to name the new service. 


Please enter the display name for 
“Email-On-Demand” 


The script will then continue the installation process and inform you 
when it has finished. 


As you dismiss the script, it will inform you that there is still some work 
left to do. 
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You should now rename the new address lists 
& and services. 


Come) 


The first task is to rename the new service as it appears in the ListSTAR 
Services window. Select it from the list and press the Rename button: 
then change the name from the generic “Email-On-Demand” to “Tech 
Support EOD.” 


¥ Administration 
old Ermai-Or-Dermand 0... 
ond Emai-Crr-Demand T... 
on Listserver Demo 4. 
old Listserver Timer i all 
wv Tech Support EOD 12:39 PM Wed, Jul 30, 1997 |e 


FIGURE 6-53: Renaming the newly created service. 


Open the new service to view the Rules window in Service Preferences. 
Here you may modify StarNine’s demonstration settings. 


=== Tech Support EOD” Service Preferences 


a 


¥v Mailer-Daemon Mail No Hits 


Jf Stop Loops No Hits 
J Send Desired Files No Hits 
wv Send File index No Hits 


VY Track All visitors No Hits 
¥ Error Handling No Hits 


Cm) (tei) (Cie 
[Foi ) 


FIGURE 6-54: Modifying the service’s rules. 
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Mailer-Daemon Mail 


These rules are executed in the order in which they are listed here. The 
first rule, “Mailer-Daemon Mail,” handles any email from reserved 
addresses such as “mailer-daemon.” Email from such sources comes in 
when ListSTAR sends email to an address that is invalid or unavailable. 


You do not need to modify this rule. StarNine describes its purpose as 
illustrated: 


Hf the from address ts another listserver or contro] address then we 
send the message to the Administrator List. We alzo want te discard 
tt and stop processing the mail message | 


FIGURE 6-55: Purpose of the “Mailer-Daemon Mail” rule. 


This vital function should be part of every service you create. This email 
will be forwarded to the list server administrator's address, which you 
entered earlier. 


Stop Loops 


Under rare circumstances, a list server may automatically respond to an 
email query, which bounces back causing the list server to respond again 
ad infinitum. The Stop Loop rule ensures that this will not happen by re- 
directing any incoming messages that begin with “Re:” (Reply). StarNine 
describes its purpose as illustrated: 
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FIGURE 6-56: Purpose of the “Stop Loops” rule. 


This too is a vital function that should be part of every service you create. 


Send File Index 


The first rule you may modify is the third in the list: “Send File Index.” 
This rule involves the use of ListSTAR’s auto responder. The auto 
responder uses AppleScript to generate a selection form in which users 
can see what files are available on the list server and select the ones they 
want to have returned to them. 
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Starch satura Boek ~ 


FIGURE 6-57: Modifying the Content window. 


In the Content window, modify the rule to accept email that has the key 
phrase “FAQ Index” in the Subject field. 


FIGURE 6-58: Adding to the “Files Available for Retrieval” folder. 


ListSTAR puts a “Files Available for Retrieval” folder within the folder it 
made automatically when you created the service (e.g., the “Tech Support 
EOD” folder within the Services folder). Here is your repository for the 
FAQ files that ListSTAR will send to your users. (I have included a bunch 
of these for you on this book’s accompanying CD-ROM.) Note too that 
ListSTAR also encloses a file titled “List of Available Files” within the ser- 
vice’s folder. This will be your EOD index. 


There are two ways in which the file index can be returned to a user. The 
first way involves the auto responder and AppleScript, and can be 
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enabled in the Miscellaneous window. Under this method, ListSTAR cre- 
ates a list of files in the service’s folder on-the-fly and returns it to the user 
for further instructions. 


Cj Stop rule processing 
fed Write message to “ListSTAR Log” 


[LJ Add entry to Transaction Log 
LJ Fite mail in folder ("Nothing Selected | 
subsecivdale twee Ww 
| AppleScript Actions 
(I Copy mail fite to 
if Execute AppleScript 


oe, 


ee ee 
(J Add enclosure(s) | Nothing Selected 


j Body Actions 


Add file “List of Avatlable Files” J (est 


C3 Add processing history 


FIGURE 6-60: Modifying the Reply window. 
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If you prefer to avoid AppleScript, you can configure another method in 
the Reply window. In this window, direct ListSTAR to reply to the 
incoming message with the words “Re: FAQ Index” in the Subject field. 
Then enable the Add file checkbox. Press the button next to the Add file 
field to make sure “List of Available Files” is selected. Press the Edit but- 
ton to manually change its contents. 


List of Available Files 


Below is a Hst of the files that are available for retrieval from this 
lstserver. To request any of the files, replace the space between the 
brackets with an ‘x‘ (as in "{x]"). You may request as many files as you 
wish by marking multiple items. Each file will be returned to you as an 
enolosure of a separate mail message. 


aan annnnnnnnnnnnn nn === File Listing Follows -------------------~ -- 


AFP Logon 
AFP /TCP Logon 


} 

} 

] Fetch Logon 

] Access Privileges 


FIGURE 6-61: Modifying the File Index file. 


Send Selected Files 


Work with the “Send Desired Files” rule next. In the Content window of 
this rule you will see a line of control characters. 


This is code that ListSTAR understands. 


\[ *x *\] Get file \(.*\) 
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\[ #x #4} Get file FNS 


Cj Enclosure is present 


[1] Message priority 


Miscellaneous Tr s 


Mailing-list 


FIGURE 6-62: Viewing the expression for parsing the incoming 
file request form. 


|=} Miscellaneous Actions 
CI Stop rule processing 
LA write message to “ListSTAR Log” 
{ACCT_FULL_NAME} : Sending requested files 
(J Add entry to Transaction Log 
(] Fite mail in folder Nothing Selected 


by [sbyeriferteremne “w] [ee aotn 


t Actions 
(] Copy mail file to Kotiving Se leotes! 


Execute AppleScript "Return Requested Files” 


FIGURE 6-63: Selecting the auto responder AppleScript. 


When a user has made choices in the file index form and replied with it, 
his action parses the file, extracts the requested filenames, and uses Apple 
events to send each file back to the user. Go to the Miscellaneous window 
to see the AppleScript that Apple events call for. You should see the 
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“Return Requested Files” script selected by the Execute AppleScript 
checkbox. 


Track All Visitors 


The fifth rule is “Track All Visitors.” It will record the email address of 
every user who requests a document from your EOD service. 


“| 
-. 


s (isnotin vw) (EimathOn-Demand List” 


[J From address is a list-server /maf-daemon 


Mailing-list 


Administrator List 
Email-On-Demand Demo List old Email-On-Demand Demo Address List 
Listmaster Address default, Tech Support EOD Address List 
_| Listserv Demo List old Listserver Demo Address List 

} Listserv Digest Demo List old Listserver Demo, old Listse... Address List 
Emait-On-Demand List Address List 
Emait-Oa—Demand List Teoh Suppert EOD Adéress Li... 


FIGURE 6-65: Selecting the new service mailing list. 
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You can choose which mailing list the addresses will be added to by 
pressing the button next to the From Address Field. Also go to the Mail- 
ing List Action window. Here too you should see the new mailing list in 
the button by the add “From” address to pop-up menu. 


Error Handling 


L] Select a digest file 


[J Addheaders = [FJ Add body [[] Add separator text 
[J Setect a table-of-contents file Nothtry Seleoted 
[J Add subject = [[] Add sender 


Cl add Headers |  NothingSelected = | 


FIGURE 6-66: Selecting the new mailing list as the “From” address. 


The sixth and final rule is “Error Handling,” which will notify you when 
there has been an error in message processing. You do not have to make 


any changes here. 
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Mn es 
y Yee es Ae” 


An error has coourred while processing some mati. The mail is 
in the queue and will be reprocessed. Please make sure that all 
rules are correct. 


LD Ase me 
[] Add processing history 
[2] Add original message body 


FIGURE 6-67: Establishing error notifications. 


Press the OK button to return to the ListSTAR Services window. Here, 
enable the checkbox next to the new service (e.g., “Tech Support EOD”). 
This completes the steps necessary to use the SMTP service for this EOD 
system. 


There is an additional service that you may wish to set up. Under the cur- 
rent configuration, an AppleScript will be launched to generate a new file 
index each time one is requested. If your list server gets many hits, this 
can increase overhead unnecessarily. You might want to have the file 
index generated once daily instead. To do this you need to create a Timer 
service. 


Using an EOD Timer 


To begin, press the New button in the ListSTAR Services window to cre- 
ate a new service. Name it “Tech Support EOD Timer, ” and be sure to 
select Timer in the Type pop-up menu. 
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S: Create new ListSTAR service: 


Service Name: | Tech Support EOD Timer 


Create Rule with the following 
name: 


At 12:00 AN, everyday 


Miscellaneous T . 4 
[-] Fite ts greater than zero bytes 


LJ Execute AppleScript 


FIGURE 6-69: Setting the update timing. 
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This service needs only one rule. Press the New button in the Services 
Preferences window to create it, naming it “Update FAQ Index.” In the 
Timing Triggers window, enable the Invoke rule at checkbox, and use 
the Set Time button to execute this function daily. Choose a time when 
the server is least busy and when it will not conflict with another service, 
such as a backup or database synchronization. 


@ at|1z904M |) 


Qevery [15] minutecs) 
{] Between [12:00 as ]Q) 


FIGURE 6-70: Enabling the “Create Folder List” AppleScript. 


In the Miscellaneous window, enable the Execute AppleScript checkbox 
and use the button to choose the “Create Folder List” script. This script 
will update the “FAQ Index” whenever additional files have been added 
to the Files Available for Retrieval folder. You will then have a system 
that should relieve some of your user support burden. Be sure to test it 
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from several different email accounts before you start advertising its 
availability, however. There will probably be some minor tweaking 
required. 


This short section cannot replace StarNine’s ListSTAR Administrator's 
Guide for detail. However, I hope that it has made you familiar enough 
with ListSTAR’s workings that further reading will be easier. 


SUMMARY 


AppleShare IP Mail Server is an SMTP- and POP3-compliant email server 
capable of exchanging email with both Mac OS and non-Mac OS-based 
computers on a LAN or the Internet. It is also capable of communicating 
with Mac OS computers over AppleTalk. 


The Mail Server relies on two important files. The first is AppleShare IP’s 
Users & Groups Data File, in which the program stores information such 
as users’ account names, Internet aliases, and whether or not users’ 
accounts are enabled to use email services. The second is the Mail Data- 
base, in which all incoming and outgoing email is stored. Both should be 
backed up regularly, when the Mail Server is not running. 


In addition to AppleShare IP’s Mail Server, another useful email service is 
made available by a list server such as StarNine’s ListSTAR. With it you 
can host email discussion groups and provide email on demand. 


AppleShare IP Print 
Server 


Many LANs owe their existence to printing because, once upon a 
time, laser printers were expensive. In order to make one cost-effec- 
tive, it was necessary to share it among multiple users. AppleTalk 
made this possible. 


The first Apple printer that could be shared on a LocalTalk network 
was the ImageWriter. This dot matrix printer used QuickDraw, the 
same technology that Apple employed to draw images on the 
screen. The screen resolution of a Macintosh was 72 dots per inch 
(dpi), as was the resolution of the ImageWriter. Not much to look 
at, but it was enough to spark the desktop publishing revolution! 


In 1984, the Macintosh was the first computer to ship with multiple 
fonts. These were bitmapped fonts, designed to be displayed on a 
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screen in pixels, and as such they appeared jagged when printed. In 1985, 
the situation changed greatly when John Warnock and Chuck Geshke of 
Adobe Systems created a computer language just for printers. The Post- 
Script page description language made it possible to use a printer, 
equipped with its own processor, to mathematically translate the square 
pixels of a monitor into the round dots necessary for high-resolution 
printing. This process is called rasterizing. 


Laser printers quickly took over the market, which had been dominated 
by dot matrix and typewriter-like daisy wheel printers. The PostScript- 
based Apple LaserWriter was one of the first. It became a standard piece 
of equipment in many offices, spawning many LocalTalk networks. 
Today it would be unusual to find an office that does not have one or 
more networked laser printers. 


Hewlett-Packard had created another system, Printer Control Language 
(PCL), but this was never supported on the Macintosh. HP entered the 
Mac OS marketplace when it started making dual-language printers that 
could switch to either PCL or PostScript with each print job. (Luis 
Cubero, a Hewlett-Packard engineer, once told me his company’s reason- 
ing behind introducing the laser printer in the first place: Daisy wheel 
and dot matrix printers were too noisy! HP speculated that if they built a 
printer based around a nice quiet copier engine, there might be a small 
market for them in the workplace. Obviously, there was more than a 
small market. HP has shipped more than 20 million LaserJets to date.) 


In the future, we can look forward to a reversal of sorts. Instead of using a 
screen-draw technology in a printer (QuickDraw), Apple will be using a 
printer language to draw the screen (PostScript). 


There are several ways to print from a Mac OS computer. You can print 
locally from the workstation to an attached printer through the Printer 
(LocalTalk) port using a serial cable. You can print remotely over the net- 
work to a printer connected to, and shared from, another workstation. 
You can print remotely to a stand-alone network printer. Finally, you can 
print to a print server, such as that of AppleShare IP, that resides on one 
computer but controls multiple printers. 


In this chapter we will look at AppleTalk printing and see how Apple- 
Share IP’s new print spooler makes it easier and faster over your net- 
work. 
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HOW PRINTING WORKS 


All Mac OS print jobs begin at the Chooser. This application can be 
launched from the Apple (@) menu bar item. Here you choose an icon 
that represents the device to which you will print. The icons represent 
each device's printer driver. 
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FIGURE 7-1: Opening the Chooser. 
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See88 


FIGURE 7-2: QuickDraw printer drivers for ImageWriter, StyleWriter, and 
Color StyleWriter Pro; PostScript printer drivers for Personal LaserWriter and 
networked LaserWriters. 


All devices on the network that can communicate with the driver you 
select will appear in the Chooser (right side). If your network has zones 
(lower left), you will also need to choose the one in which the preferred 
device is resident. 


You do not have to do this each time you actually print. The computer 
stores your choice in its battery-powered Parameter RAM (PRAM) and 
remembers it until you change it. (If you are using a version of the Mac 
OS that supports Desktop Printing, a desktop printer is also created.) 


When you execute an application’s Print command, it uses QuickDraw 
and the Font Manager to convert the document into Postscript com- 
mands, which can then be sent to the communications port. The Printing 
Manager is also called upon to load into RAM the printer driver for the 
device last chosen in the Chooser. Then the printer driver calls on Apple- 
Talk to contact the printer. At this point, network printing begins. 


As with the file server transactions illustrated in Chapter 4, a workstation 
relies on the Name Binding Protocol (NBP) to locate the printer. It also 
relies on the AppleTalk Transaction Protocol (ATP) to transport data to 
the printer. There the likeness ends. Instead of using the AppleTalk Ses- 
sion Protocol (ASP) to control the process, the Printer Access Protocol 
(PAP) is used. Instead of sending file read/write commands (e.g., AFP), 
PostScript commands are sent to the printer. 
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FIGURE 7-3: PostScript and PAP in the OSI model. 


For the purposes of AppleTalk, all print jobs are sent to print servers. A 
print server can be a network-capable printer, such as a LaserWriter, or it 
can be an application such as the AppleShare IP Print Server. Do not let 
this confuse you. Both make themselves visible on the network with a 
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Session Listening Socket (SLS) on which they register their names. The 
practical difference between the two is that a printer can handle just one 
job at a time, while a print server can handle multiple jobs and multiple 
printers. 


2. | want to print! 


1. You there? 1. Yes. 


2. I’m busy. 


FIGURE 7-4: Printer identity confirmed, waiting to print. 


Although Jane might have selected the printer in the Chooser weeks 
before the print job and her choice is remembered, the Printing Man- 
ager still calls on NBP to verify that the printer she chose is on the net- 
work and using the same name and AppleTalk network number. 


Once NBP has verified the print server’s address, the printer driver 
will use PAP to attempt to open a connection. 


If the printer is busy when Jane’s workstation requests a print job, it 
will return a status message while PAP continues to establish the con- 
nection. When the printer is free, it will interpret all incoming print 
requests and respond first to those workstations that have been wait- 
ing the longest. If this workstation happens to be Jane’s, the printer 
will tell the printer driver that it is ready to receive her print job. 
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1. Yes. 


1. You still there? 
Bring on the job! 


2. You stil! there? 


FIGURE 7-5: Workstation-to-printer communication using PAP/ATP. 


3. When a connection has been established between the workstation 
and the printer, PAP calls on ATP to transfer the data. While the Post- 
Script file is being transferred to the printer’s RAM, the workstation 
and the printer maintain a constant dialog similar to this one: 


Document: “Microsoft Word - ASIP5S Dft.1 ...”. 
Downloading Zapftumanist601BT-Ultra 


user: Tom Dell; Status: processing job 


PAP is now in its data transfer phase, which has two functions. First, 
PAP maintains the smooth transfer of data between the workstation 
and the printer using a model referred to as read-driven. This means 
that when the printer is ready to receive data from the workstation it 
issues a PAP Read call to the workstation’s responding ATP socket. 


When the printer requests a transaction, the workstation must 
respond within a specified length of time. If a responding packet does 
not make it to the printer in time, perhaps because of a collision, the 
printer issues additional requests until it gets what it wants. 


4. PAP’s second job during this process is to detect and disconnect any 
half-open connections that can occur when a workstation bombs or 
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hangs. If either device in the PAP connection discovers that the other 
device is no longer responding, the connection is closed. 


5. At the printer, the PostScript data is stored in RAM until enough is 
present to begin printing. The actual printing process is a wonder of 
precision that requires that the exact amount of data be copied to the 
engine’s electrically charged drum while the paper is in the exact 
place and while data continues to flow into the machine’s memory 
buffers. 


This process is an example of direct printing, although most Mac OS users 
do not use this method. While the workstation is sending such a print job 
it cannot do anything else until the printer has finished. Depending on 
the print speed and installed RAM of the printer, as well as the size and 
type of file it is being asked to process, this can take quite a while. Most 
Mac OS users resort to the default background printing to save time. 


 <Serial Port» 
& ScionNet Color 


ul ae § 
Color SW 2500 Color SW Pro 


Remote Access aE ii 


Training : 
AppleTalk > iaeeise 


FIGURE 7-6: Enabling background printing in the Chooser. 


Under the background printing model, the application passes its job to a 
small system application called Print Monitor. After the PostScript file is 
spooled to the hard disk, the application that created it is free to go on to 
other tasks. Print Monitor then calls on the printer and processes the job 
“in the background.” Multiple print jobs can be sent to the Print Monitor 
and which are then said to be in queue. 
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& Microsoft word - ASIPS OfL.1 ... @ B&W Queue 
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| Printing Status: Microsoft Word - ASIPS Dft.t ... 
Pages To Print: 12 
4 Status: starting job 


FIGURE 7-7: The original Print Monitor. 


The Mac OS has two versions of this application. The traditional Print 
Monitor becomes available under the Finder only when called upon to 
print. The Desktop Print Monitor, available since System 7.5, can be 
accessed at any time by double-clicking on the active printer’s desktop 
icon. 


FIGURE 7-8: The Desktop Print Monitor. 


While background printing frees up the workstation for other things, it 
does so at the price of processor performance. It can also require signifi- 
cant amounts of free disk space in which to create its spool files. 
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A further improvement is introduced by a dedicated print spooler such 
as the one offered by AppleShare. Under this model, a server acts as an 
intermediary between workstations and network printers. There are sev- 
eral advantages to this. First, the workstation is relieved of the perfor- 
mance degradation associated with a big print job. Second, while a 
printer can handle only one job at a time, a print server can accept multi- 
ple jobs and pass them out to multiple printers simultaneously. 


The print server advertises itself on the network in the same way a printer 
does. It is accessed in the same manner, via the Chooser. 


oe | | ii B&W Queue a] 
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FIGURE 7-9: Choosing a Print Server. 


Before we examine the AppleShare IP Print Server, let’s go over the 
installation of its remote components, networked printers. 
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INSTALLING NETWORK PRINTERS 


Many laser printers from Apple, HP, and others can be connected directly 
to your LocalTalk or Ethernet network. These are the types of devices we 
generally think of when we talk about “network printers.” Some printers 
can also be attached to a workstation and shared with other workstations 
in much the same way that folders are shared using Personal File Sharing. 
In both cases, some setup is required. 


Installing an AppleTalk-Enabled Laser 
Printer 


Laser printers are the workhorses of most modern offices. Although they 
cost a fraction of what they once did, it still makes good fiscal sense to 
share them among multiple users via the network. 


Connect the Printer 


The first step required to install a network printer is to attach it physically 
to the network with a cable. Many printer manufacturers describe their 
devices as being “AppleTalk-capable,” but they neglect to tell you which 
cabling topology it requires. Most medium and higher-end printers have 
built-in Ethernet, but many permit only LocalTalk. If you find you have 
purchased a LocalTalk printer but you have an Ethernet network, you 
may still use it by purchasing an additional LocalTalk-to-Ethernet bridge, 
such as the EtherWave adapter made by Farallon Computing. 


Once you have attached the printer and turned it on, it will usually print 
out a test page to let you know it is operating properly. 
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Rename the Printer 


By default, the newly installed printer will create its own name and 
advertise itself on the network. Unfortunately, these names are not very 
helpful when there are more than one printer on the network. What infor- 
mation will show a user the difference between one “LaserWriter” or 
“LaserJet” and another? One could be in the next room while another 
could be in the next building. How is a user to know? 


To make selecting a printer easier for users, rename them according to 
some methodology that makes sense in your organization. This can be 
done from a remote Macintosh using the utility software that came with 
the printer. 


Rename the chosen printer: 


Current name: LaserWriter Pro 630 


New name: 


Front office LW Pro 630 


FIGURE 7-10: Renaming a LaserWriter. 


One of my former employers used a whimsical method, naming net- 
worked printers after famous swords, “Excaliber,” “Stormbringer,” and 
so forth. This was not a very useful scheme because it did not tell anyone 
what the printers were or where they were. A better scheme would be 
something like “Front office LW Pro 630” or “Administration LaserJet 
6P.” 


One of my clients in San Francisco has numerous HP LaserJet printers of 
exactly the same type. To distinguish them, they have adopted the names 
of local landmarks, all of which are visible from the office’s windows. If 
you print to “Golden Gate,” you are printing to the western-most printer 
in the building. If you print to “Alcatraz,” you are printing to the north- 
ern-most printer. This scheme works well for them. 
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Set Printer Name WE Packano 


Current name: 
“Golden Gate” 


New name: 


FIGURE 7-11: Renaming a LaserJet. 


When I was younger, I ran a desktop publishing service bureau. We had 
several laser printers that shared a network with an imagesetter. Printers 
were still expensive then, so people would rent time on our computers to 
print out work they had created at home or in school. Unfortunately, I 
would get customers who did not know the difference between Hewlett- 
Packard and Linotype-Hell and selected the imagesetter in the Chooser. 
Since laser copies were $.02/ page and photo paper was $10/page, this 
was a nasty surprise for many. We tried signs. We tried pre-configuring 
all the machines. Nothing worked. Finally, we renamed the imagesetter 
so that it was listed in the Chooser as “Erase and Shutdown Mac.” That 
worked. 


Set the Printer’s Zone 


If your printer is in an Ethernet network, you have the additional option 
of putting it in a specific zone. The same rules that apply to your original 
zone-naming conventions apply here. If your zone list is modeled after 
departments, for example, move the printer into the zone associated with 
the department that will use it most. 
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Configure Printer Defaults 


Depending on what task the printer is being asked to perform most often, 
you might wish to adjust some of its default settings. For example, your 
HP LaserJet may default to 600 dpi resolution. If you know that its users 
are printing only text and never graphics, you can save a great deal of 
money on toner by switching to a lower resolution, without noticeably 
affecting print quality. 


Resolution WE ackano 


(cancer) 


FIGURE 7-12: Adjusting resolution. 


Many printers also print a startup page every time they restart. Since this 
tends to waste a lot of paper, you might want to disable this function. 


Finally, if the printer has multiple paper trays, you can select the tray that 
will be used as a default when users do not specifically choose one. That 
can help prevent people from accidentally printing their email on 11-by- 
17 paper! 


A word about speed. Speed becomes an issue on networks whose 
users print large jobs or need to print their data quickly. Contrary to pop- 
ular opinion, moving a printer from LocalTalk to Ethernet or Fast Ether- 
net will not really feed your need for speed. It is the speed of the printer 
engine that is the real bottleneck. Having a printer on Ethernet as opposed 
to LocalTalk will get the data to the printer faster, but it will still print at 
the same rate thereafter. If you want to speed up network printing, print 
at lower resolutions, buy printers with the fastest engines available, and 
load your printers with RAM and resident fonts. 
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Sharing a QuickDraw Printer 


In general, it does not make much sense to attach a local printer to a 
workstation to share its services with many users, for the same reason 
that it is not a good idea to expect Personal File Sharing to support heavy- 
duty file server needs. It is slow and the performance degradation on the 
workstation can be significant. If, however, a workstation is attached to a 
special purpose printer that others may wish to use occasionally, printer 
sharing is a great idea. 


For example, imagine that one of your Macintosh users has the only color 
printer in the building. It would not do to have other users printing out 
entire reports on it, but the occasional color report cover might not be a 
problem. 


Attach the Printer 


The Macintosh is equipped with two serial ports, labeled printer and 
modem. The printer port is the traditional LocalTalk interface most often 
used for attaching printers, but you are not restricted to this port when 
attaching a printer. If a Macintosh is connected to a LocalTalk network 
through the printer port, you can attach the printer to the modem port so 
that the Macintosh remains connected to the network. The selection is 
made in the Chooser. 
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FIGURE 7-13: Selecting a printer connection in the Chooser. 


Share the Printer 


Next, press the Setup button in the Chooser. This opens the Sharing 
Setup window, in which you put the printer on the network by selecting 
the Share this Printer checkbox. 


Color StyleWriter Pro Sharing Setup 


hf Share this Printer 
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FIGURE 7-14: Sharing and renaming a local printer. 
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You should also assign the printer a meaningful name. The new name 
will appear in the Chooser as other users will see it. 


&, <Serial Port> 
@& ScionNet Color 
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FIGURE 7-15: Viewing a shared printer in the Chooser. 


Note that Background Printing is enabled by default. You should not 
share a local printer if the computer to which it is attached does not have 
enough hard disk space to accommodate a good-sized print spool. I rec- 
ommend no less than 20 Mbytes of free disk space. 


Although the printer is now available via the network, other users must 
have the proper printer driver installed on their workstations if they are 
to use it. They will also need to “set up” the printer to use the correct Post- 
Script Printer Description (PPD) file and, in some cases, other components 
such as the ColorSync control panel. These details will be covered in 
Chapter 8. 
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INSTALLING THE PRINT SERVER 


You may centralize your network printing by making its laser printers 
part of one or more AppleShare IP print queues. This is the fastest way to 
free up a user’s workstation at the beginning of a print job. Also, since the 
Print Server can administer multiple printers and distribute incoming 
jobs evenly, it is the most efficient way to increase printing throughput. It 
can support as many as 32 simultaneous print jobs. 


Launch Print Server Admin 


To use the Print Server for the first time, launch the Print Server Admin 
application. If you have AppleShare IP Manager running, press the third 
button in the window (or choose the Open Print Admin command under 
AppleShare IP Manager’s File menu bar item). You can also double-click 
on the application directly. 


Appieshere 1? Mana 
Admin Status 


Web & File Admin: Running 
Web & File Server: Run 
Web: Enabled 
File Server vie AppleTalk: Always Enabled 
File Server vie TCP: Enabled 
FTP: Enabled 


Mail Admin: Running 
Mat) Server: Net Running 


Print Admin: Not Running 
Print Server: Mot Running 


Open Print Admin 


FIGURE 7-16: Launching Print Admin from AppleShare IP Manager. 
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O Queues, O Printers | (i  ——— 


FIGURE 7-17: AppleShare IP Print Server Admin and its Print Server Activity 
window. 


This will open a password dialog box in which you must enter the 
Administrator Name and Password. Press the OK button when you have 
done this. The Print Server Activity window will appear. This window is 
designed to tell you which printers are attached to your server and how 
busy they are. 


Launch Print Server 


If the Print Server application is not already running, you can launch it 
manually by choosing the Start Print Server command under Print 
Admin’s Server menu bar item (or by pressing the Command (%)-[ key 
combination). The Server Status line in the upper right of the Print Server 
Activity window will change to read “Running.” 
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Create Queues 


Next, press the New Queue button in the Print Server Activity window 
(the first on in the upper left) or select the New Queue command from 
the Server menu bar item (or press the Command (%)-N key combina- 
tion). This will open the New Queue dialog box with General selected in 
the upper left pop-up menu by default. 


What you type in the Name field is what users will see in their Choosers 
when they select the queue. It can be up to 31 characters long but must 
not include a colon (:), equal sign (=), or approximately equal sign (=). 
The name must be different from that of any other queue or printer in the 
same zone, with one exception. 


When you add a printer to a queue, you have the option of making it vis- 
ible or invisible in the Chooser. If you leave it visible, it will be accessible 
to users both directly and via the queue. If you make it invisible, it will be 
accessible only via the queue. In the latter case, the queue could have the 
same name as a single printer, effectively replacing it as seen from the 
Chooser. This would give users faster performance without confusing 
them with name changes. 
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FIGURE 7-18: Establishing a queue in the New Queue dialog box. 


Each queue may be serviced by one or more PostScript printers, but they 
must all be of a similar type. This is because they will all use the PPD file 
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used by the first printer selected in the queue. (The PPD file contains 
information about each printer’s capabilities, such as what resolution it 
may use to print and how many paper trays it has.) 


The Print Server will support any printer compatible with the Laser- 
Writer 8.4 printer driver. This includes Apple LaserWriters and many 
third-party products, such as HP’s LaserJet series (PostScript). A logical 
naming convention might involve reference to the printer’s shared capa- 
bilities, such as “B&W Queue,” “Color Queue,” “Imagesetters,” “Large 
Format,” or “High-Res Queue.” You can create as many as 10 queues and 
attach a total of 30 printers. 


There are a few other choices to make here. If you want a banner printed 
with each job, you may enable this feature in the Banner Page field. Ban- 
ner pages list the name of the file that was printed and the name of the 
user who printed it, which can be useful for distribution. 


If the Print Job While Queuing checkbox is selected, the Print Server will 
begin the job before it has spooled a user’s entire file. That makes the pro- 
cess faster. However, if the connection between client and server is sev- 
ered during a job, the user will need to queue the entire job again. 


If the Advertise Color Printing checkbox is selected, a color icon appears 
next to a queue’s name in the Chooser when the first printer in that queue 
is color-capable. 


Attach Printer(s) 


Select Attached Printers in the New Queue window to bring up a 
Chooser-like list of the printers on your network. 
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Available Printers 


FIGURE 7-19: Looking for printers in the New Queue window. 


The zone listed initially in the Browse Zone pop-up menu will be the 
server’s default. Click on this pop-up menu and choose the Other com- 
mand to add additional zones. 


Production 
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Remote Access 
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FIGURE 7-20: Attaching a printer. 


Select a printer that you wish to make part of the new queue in the Avail- 
able Printers list; then press the Attach Printer button (lower left). The 
printer will be added to the Attached Printers list. To remove the printer 
from the list, press the Detach Printer button (upper left). To make the 
printer accessible directly as well as via the queue, enable the Visible in 
Chooser checkbox. Press the Save button when you have finished. 
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FIGURE 7-21: Working with an attached printer. 


The new queue will appear in the Print Server Activity window. Click on 
the triangle to expand the list item and see the printers that make up the 
queue. 
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The queue is operating normally. 
te) LJ SMP in LocalTalk status: looking for printer. 


FIGURE 7-22: Viewing a new queue in the Print Server Activity window. 


Enable Automatic Startup 


If you want the Print Server to start up automatically whenever the server 
computer is restarted, select the Print Server Settings command under 
the File menu bar item. In this dialog box you may also select a server 
volume other than the Startup Disk on which to store spool files. Press 
the Save button when you have finished. 
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FIGURE 7-23: Enabling automatic startup. 
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PRINT SERVER ADMINISTRATION 


Once set up, the Print Server is self-sufficient and rarely requires your 
intervention. Moreover, it has several useful management features, how- 
ever, which can be accessed through Print Admin. 


Managing Print Server Activity 


The Print Server Activity window is used to view and work with all of 
the Print Server’s queues. 


New Queue 


Edit Queue 
Show Queue Monitor 
Place on Hold 


Release Hold 


Delete Queue 
Show Log 


ae 


wv B&W Queue 
G& ScionNet Laser in Local Talk status: idle 

A > Color Queue 0 0 No printers are ettached. 

© > imagesetters No printers are attached. 


The queue is operating normally. 
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FIGURE 7-24: Working with the Print Server Activity window. 


She 
se 


Chapter 7: AppleShare IP Print Server ¢ 357 


The button bar permits access to all of the basic commands that can also 
be found under the Server menu bar item. These permit you to create, 
edit, monitor, and delete each queue and to suspend any job within a 
queue. You may also open the log from here. 


The actual activity pane lists its queues and shows the printers in the 
queues, as well as what those printers are working on and how many jobs 
are pending. There are two warning icons possible here. The Alarm icon 
tells you when there is a problem with the queue and explains the prob- 
lem under the Status column. The Stop icon tells you that the queue’s 
activity has been suspended. 


Managing Print Queues 


To work more closely with a given queue, double-click on its item in the 
Print Server Activity window or select it and press the Queue Monitor 
button (or select the Show Queue Monitor command from the Server 
menu bar item). The Queue Monitor window is used to manipulate the 
workings of a specific queue. 
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FIGURE 7-25: Working with the Print Queue Monitor window. 


ity window, but provides some additional capabilities. For example, in 
addition to being able to suspend a print job, you can move it up in line 
(Print Next button) or delete it altogether. You can also manually direct it 
to a specific printer within the queue. 


¥ The Activity pane lists the names of the documents being printed and 


5 The button bar in this window is similar to that of the Print Server Activ- 


their creator applications, the user who is printing, and the specific 
printer that is handling the job. 
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In the Show pop-up menu, you can choose to view the contents of the 
Queue Monitor window by All Jobs, Printing Jobs, Waiting Jobs, or On 
Hold Jobs. 


Working with the Print Log 


To view your Print Server's operational history, press the Print Log but- 
ton (or select the Show Log command from the Server menu bar item). 


Save Log as Text 


Print Log 
Clear All Logs 


: 

3/25/97 3:42PM AppleShare IP Print Server started. 
3/25/97 3:53PM AppleShere IP Print Server shutdown. 
7/30/97 5:45PM AppleShere IP Print Server sterted. 

A 7/30/97 S:45 PM AppleShare IP Print Server requires ‘PrintingLib’ to be present. 
7/30/97 5:45PM AppleShare IP Print Server shutdown. 

7/30/97 5:47PM AppleShere IP Print Server started. 
7430/97 5:50PM Printer ‘LJ SMP’ crested. 
7/30/97 5:50PM Queue "B&W Queue’ crested. 
7430/97 S:SOPM Printer ‘LJ SMP’ assigned to queue ‘B&W Queue’. 
7430/97 5:50PM Printer ‘LJ SMP’ attaching. 
7/30/97 S:SOPM Printer ‘LJ SMP’ current PPD file is: “HP LaserJet SMP". 
7/30/97 5:50PM Queue ‘B&W Queue’ current PPD file is: “HP LaserJet SMP”. 
7/30/97 5S:SOPM Printer ‘LJ SMP’ idle. 
7/30/97 «=97:19PM_ Printer 'LJ SMP’ printing. 
7430/97 7:19PM Printer ‘LJ SMP' idle. 
7/31/97 __ 8:28AM Printer ‘LJ SMP’ printing. 


S2 Entries <i 


FIGURE 7-26: Working with the Print Log window. 


The button bar can be used to save the log’s contents (64 Kbytes) in a text 
file, to print it, or to clear its entries. 
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The Activity pane lists significant events, such as when the server was 
started or stopped, when queues were created and deleted, and, most 
important, what jobs were printed and when. 


In the Show Log For pop-up menu, you can choose to view the contents 
of the Print Server Log window by Print server, All Queues, Waiting 
Jobs, or specific queues. 


Working with Fonts 


No discussion of printing can be considered complete without a descrip- 
tion of the fonts used across your network. 


Font Types 


Since the Mac OS is GUI, what appears on the page begins on the screen. 
Whether you are writing a report, designing a graphic, or doing 3D mod- 
eling, everything you create is translated from your keyboard strokes and 
mouse movements into a numeric code and is displayed using Quick- 
Draw. Under QuickDraw, everything is drawn by arranging 72 pixels 
within every inch of screen space. That is the screen resolution. 


RBCDEFGHIJKLMN opoggtuvwHyz 


FIGURE 7-27: Bitmap fonts are forced to conform to screen resolutions. 
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Bitmap fonts. Bitmap fonts present the text you see on the screen. 
They were used in early printers, such as the Apple ImageWriter, as well. 
The characters in bitmap fonts are created within a grid of black and 
white dots. The 72-dpi grid size corresponds to the standard screen reso- 
lution that QuickDraw uses when it draws what appears on a Macintosh 
monitor. One example is the font Chicago, which has shipped with every 
Mac OS since 1984. Its characters look round in small sizes, but if you 
look closely you can see that they comprise squared pixels. The jagged 
look is the result of forcing Chicago to conform to the 72-dpi grid. 


Bitmap fonts need multiple versions for the different sizes that are to be 
displayed on the screen. These were available in common sizes—8, 10, 12, 
14, 18, 24, and 36 points—but if you wanted a non-standard point size it 
could get pretty ugly. The Macintosh would try to expand the nearest- 
size font it had into that grid. 


PostScript fonts. Monitors use pixels to draw their images; printers 
use dots. The more dots per inch—or the denser the dot patter—the better 
the printed document looks. When printer resolution improved to sup- 
port 300 dpi and more, PostScript became available to take advantage of 
it. It added an extra level of complexity to Macintosh printing, however, 
as a special driver was required to translate the screen’s QuickDraw com- 
mands into the printer’s PostScript commands. 


Adobe's Type 1 PostScript fonts come in two types. Screen fonts are bit- 
map fonts that draw their images to the screen using QuickDraw. Printer 
fonts, or outline fonts, are used only by the printer. Both must be present in 


order to print. 


Adobe Sans MM AdobeSanMM 


FIGURE 7-28: Adobe Type 17 PostScript fonts require a “suitcase” of screen 
fonts and separate printer fonts. 
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Outline fonts use a mathematical formula of Beziér curves to define char- 
acter shapes and to enlarge or reduce the shapes to accommodate the 
highest resolution of the printer. Instead of imaging the font as a series of 
dots, Beziér curves draw an outline of the font that is then filled in with 
dots when the font is printed. 


This system makes for great printer output, but the fonts as seen on 
screen look rough. Worse, since the metrics are so different, word posi- 
tioning as seen on the screen might be very different from what comes 
out on paper. To correct this, Adobe released Adobe Type Manager 
(ATM) in 1989. This little application works like a PostScript printer to 
rasterize font outlines into the pixels needed for smooth on-screen dis- 
play. As a second benefit, ATM permits you to print PostScript fonts on 
non-PostScript printers such as the Apple StyleWriter series, HP’s Desk- 
Jet series, and even the old ImageWriter. 


version 4.0 


Adobe Ty Type Manager"4. 0 


| @om a Qor it jninlanrenliaitive. 


Character Cache Size * | Preserve . 
320K size Line 
(256) Suggested € spacing 


736K Current size @ Cheracter shapes 


Smeeoth Feat Edges en Soreen 
ifon [] Disable Smoothing at Soreen Font Point Sizes 


| [] Prectstea Character Positioning 
| [_] Enable Font Substitution i 


@ Changes to the marked items will take effect only at restart 


FIGURE 7-29: Viewing the Adobe Type Manager control panel. 


TrueType fonts. Because of these problems and licensing issues, 
Apple and Microsoft allied in 1990 to develop TrueType, an outline font 
that uses a new algorithm with QuickDraw (similar to ATM). In True- 
Type, only one outline font for each typeface is needed for displaying and 
printing the typeface to both PostScript and non-PostScript printers. 
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FIGURE 7-30: TrueType fonts can be used both on screen and with printers. 


TrueType fonts are particularly useful in mixed Macintosh/PC networks 
because they can be used with both the Mac OS and Windows. 


QuickDraw GX fonts. When I started out in newspapers, part of 
my job was to set type with a Compugraphic imagesetter. Inside this 
machine, which was about the size of a refrigerator, was photosensitive 
paper onto which light was projected through a spinning font wheel to 
produce each letter that was typed. To tell the machine which letter I 
wanted—and in what size, font, pitch, kerning, leading, style, and posi- 
tion—I had to type a ridiculously long string of commands that would 
scare a UNIX programmer. When Paul Brainerd came out with Page- 
Maker for the Macintosh 1.0 and I was given a lightening-fast MacPlus 
with an entire megabyte of RAM, it greatly improved my productivity. I 
did not have to process the film, and I could do pagination on a What You 
See Is What You Get (WYSIWYG) screen. The actual typographic quality 
was not nearly as good, however. 


In an effort to increase the quality of its printing technologies, Apple 
introduced QuickDraw GX as an add-on to System 7.5. It permits the use 
of advanced typographical controls such as ligatures, fractions, kerning, 
and tracking, and each font can support 65,000 characters. The quality 
made possible by QuickDraw GxX is impressive. 


Unfortunately, no major applications support QuickDraw Gx. It requires 
special GX-specific fonts, and it degrades performance noticeably. 


When you install QuickDraw Gx, it provides updated printer drivers and 
translates your Type 1 and TrueType fonts to be GX-compatible. Unfortu- 
nately, it only updates printer drivers for Apple products. If you have a 
printer from any other manufacturer on the network, it will seem to dis- 
appear from the Chooser and become inaccessible unless its manufac- 
turer has created its own GX drivers and you have installed them. The 
same is true for other Chooser extensions such as fax and electronic docu- 
ment drivers. 
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Finally, users cannot exchange GX fonts with users on non-QuickDraw 
GX workstations. 


Font Tips 


Whether they print to networked printers directly or to the AppleShare IP 
Print Server, your users will have the fewest printing problems if you 
adhere to the following rules: 


Avoid mixing font technologies. If possible, limit your users to just 
Type 1 or just TrueType. A lot of productivity is lost when a user cre- 
ates a document using Type 1 and exchanges it with a user of True- 
Type, who then finds that the line spacing has changed. If you have 
both Mac OS and Windows users who are not printing anything com- 
plicated, stick with TrueType. If you have users producing compli- 
cated designs or art, you will have fewer problems if you stick to 
Type 1. One caution: Remind users that they need both the screen 
font and the printer font to use Type 1. 


Use QuickDraw GX for all. If you decide to use QuickDraw Gx, 
install it throughout the organization and at the same time so that 
you can standardize on the GX fonts. Users cannot exchange these 
fonts with users of non-QuickDraw GX computers. 


Standardize your fonts. Although it is probably a bit Draconian to 
force users to use only the fonts you choose, it is a great idea to create 
at least one standard package for the organization as a whole. Users 
may then use fonts from the package for important documentation 
without fear that it cannot be printed properly by a co-worker. You 
can also pre-load these fonts into your printers’ RAM, making net- 
work printing faster since the fonts will not need to be downloaded 
first. 
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SUMMARY 


There are several ways to print from a Mac OS computer: locally from a 
workstation to an attached printer; remotely over the network to a printer 
connected to, and shared from, another workstation; remotely to a stand- 
alone network printer, such as an Apple LaserWriter; or to a Print Server, 
such as with AppleShare IP. 


The AppleShare IP Print Server speeds up network printing by taking in 
multiple print jobs and doling them out to multiple printers gathered into 
queues. The server, which is configured and monitored using the Print 
Admin application, supports 10 queues, 30 printers, and as many as 32 
simultaneous print sessions. It works with laser printers that are compat- 
ible with LaserWriter driver 8.4 and newer. 


Several font technologies can be used in Mac OS printing. To experience 
the fewest problems, it is best to standardize on a single set of fonts using 
the same technology throughout the organization. 


If speedy network printing is all- important to you, be sure to read about 
RUN, Inc.’s RunShare software in Chapter 12. 


AppleShare IP Client 
and User Support 


No matter how powerful your server computer or how feature-rich 
your server software, it will fail to live up to its full potential unless 
the people in your organization know how to use it properly. 


The first half of this chapter does not follow the format of earlier 
chapters, which were written with the AppleShare administrator in 
mind. This section is written primarily for AppleShare users. In it I 
will present a series of short procedures designed to make users 
comfortable with the basic network-related functions of the Mac OS 
computer. 


In the second half of this chapter, I will return to addressing Apple- 
Share administrators. I will tell you about some of AppleShare IP’s 
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client management features. I will also show you some advanced net- 
work management tools that can make the job of user support easier. 


CONFIGURING OPEN TRANSPORT 


To use all of the features of the AppleShare IP server, your computer 
must be using the Open Transport networking system. You can determine 
which networking components a Mac OS computer is using by looking in 
the Control Panels folder under the Apple (@) menu bar item. If you see 
a Network control panel, then the computer is using “Classic Network- 
ing” and not the newer Open Transport. MacTCP, the TCP/IP component 
of Classic Networking, will not permit faster TCP connections made pos- 
sible by AppleShare IP. 


If you see a TCP/IP or AppleTalk control panel, the computer is using 
Open Transport. Open one of these control panels, and then choose the 
Get Info command from the File menu bar item to find out what version 
is being used. 


C/A? hh SSS 


Addresses: 


This Macintosh: 38.247 .58.10 
() Hardware address: 00 05 02 48 E1 30 


Router : 38.247.58.1 


FIGURE 8-1: Determining the Open Transport version. 


To use AppleShare IP, your computer must have Open Transport version 
1.1.2 or higher installed. It may be that your computer is capable of using 
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Open Transport but that the system has not yet been enabled. In that case 
you can switch it by using the Network Software Selector application in 
the “Apple Extras” folder on your computer’s hard disk. 


© Use classic networking 
@ Use Open Transport Networking 


Open Transport is on. 


FIGURE 8-2: Switching to Open Transport with Network Software Selector. 


Select the Use Open Transport Networking button; then restart the com- 
puter to make Open Transport active. 


Configuring AppleTalk 


If your computer has Open Transport installed and is operating properly 
(you can print, see file servers in the Chooser, etc.), then you probably do 
not need to configure the AppleTalk control panel. 


Your administrator might tell you that you need to change some of the 
AppleTalk control panel’s settings in order to use the AppleShare IP 
server. In this event, you will need to know: 

e which hardware interface to use to connect to the AppleTalk network 
e your AppleTalk zone 
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FIGURE 8-3: Configuring the AppleTalk control panel. 


The AppleTalk interface is the method your computer uses to connect to 
the network. It is listed next to the Connect via pop-up menu. Your net- 
work may or may not be divided into zones. If it is, you will be able to 
make choices in the Current zone pop-up menu. Change these settings 
only in consultation with your administrator. 


Configuring TCP/IP 


If your computer has Open Transport installed and is operating properly 
(you can surf the Web, etc.), you probably do not need to configure the 
TCP/IP control panel. 


Your administrator might tell you that you need to change some of the 
TCP/IP control panel’s settings in order to use the AppleShare IP server. 
In this event, you will need to know: 


¢ which interface to use to connect to the TCP/IP network (e.g., Apple- 
Talk (MacIP), Ethernet) 


e how to get your IP address (e.g., Manually, BootP, DHCP, RARP) 


How these questions are answered will determine how much additional 
information you will need. Under some configurations, information is 
supplied to your computer by a special server (MacIP, DHCP, etc.). In 
others, you must enter information manually. The information you need 
in order to configure TCP/IP manually is: 


e your computer’s IP address (e.g., “38.247.58.200”) 
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your network’s subnet mask (e.g., “255.255.255.0”) 
your network router’s IP address (e.g., “38.247.58.1”) 


your network Domain Name Server’s (DNS’) IP address (e.g., 
“38.247.58.2”) 


your network’s domain name (such as “mysite.com”) 


The numbers above are not the actual numbers used on your network. 
Obtain the correct ones from your administrator. You may then use the 
information as directed to configure the TCP/IP control panel. For exam- 
ple, if your network administrator tells you to configure the TCP/IP con- 
trol panel manually for Ethernet, you do it like this: 


Connect via. Choose an interface in the Connect via pop-up menu. In 
this example, Ethernet. 


Configure. Choose the configuration method in the Configure pop- 
up menu—in this example, Manually. 


FIGURE 8-4: Choosing connection and configure options. 


IP Address. Type a number into the IP Address field—for example, 
“38.247.58.200.” 
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owt mest: [sd 
- ye | 
Search domains : 
Name server addr.: 


—_ 


FIGURE 8~5: Entering an IP address. 


Subnet mask. Type a number into the Subnet mask field—for exam- 
ple, “255.255.255.0.” 


FIGURE 8-6: Entering a subnet mask. 


Router Address. Type a number into the Router Address field—for 
example, “38.247.58.1.” 
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FIGURE 8-7: Entering a router address. 


Name server address. Type a number (or numbers) into the Name 
server addr. field—for example, “38.247.58.2.” 


FIGURE 8-8: Entering a name server address. 
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Search Domains. Type one or more domain names into the Search 
domains field—for example, “yoursite.com.” Close the TCP/IP con- 
trol panel when you have finished, saving your changes when 
prompted. 


0 SSS Te’ IP (etault) 


FIGURE 8-9: Entering a domain name. 


A good way to test the new configuration is to use your Web browser to 
log on to your AppleShare IP server, if Web services are available. Alter- 
nately, you may log on to another host, such as http:/ /www.apple.com, 
if you are connected to the Internet. 
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Apple Computer 
«+» 89 ¢ 4 @2@@S @ A K« @ 


Refresh Home Search Mail News Favorites Larger Smaller Preferences 
Address : [http://www .apple.com/ 


SSS sew |S 


Find lt index 


Product Information 


Customer Support 


Technology & Research 
Developer World 
Groups & Interests 
Resources Online 


About Apple 


FIGURE 8-10: Visiting the Apple Web site to test configuration (Microsoft 
Internet Explorer). 


INSTALLING THE APPLESHARE IP CLIENT 


Communications with any AppleShare or Personal File Sharing server 
require the AppleShare client. The most visible part of the AppleShare cli- 
ent is the Chooser extension, which you must click on in order to browse 


the list of network servers. Open the Chooser by selecting the Chooser 
item under the Apple (@) menu bar item. 
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&D Apple System Profiler 
€3 AppleCD Audio Player 
Q& Automated Tasks 


Color SW 1500 


Color Sw 2500 Color SW Pro 


LocalTalk 
Management 


Rd 
Server IPAddress.. 


Remote Access 


Training 
eorir bale > atl ERO 


FIGURE 8-11: Opening the Chooser (AppleShare selected). 


The AppleShare icon will be in the upper left of the Chooser window. 
Earlier versions of AppleShare client presented this icon: 


Modern versions present this icon: 
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Necessary Items for Installation 


AppleShare IP is compatible with the earlier versions, so either client will 
work for logging on to the server over AppleTalk. However, to take 
advantage of new AppleShare IP features such as TCP/IP log-ons, you 
will need the following installed on your Mac OS computer. 


System 7.5.3 or Later 


You can determine the OS version of a Mac OS computer by choosing 
About This Computer under the Apple (@) menu bar item. (If you see an 
About This Macintosh item instead, the OS version is older than System 
7.6.) 


\ ~ "Me 
BO = 
ie yi 


Mac OS computer 
4 


a. 


Built-in Memerg: 168 
Virtual Memerg: 40 M8 
Largest Unused Bleck: 21.3 MB ™ & © Apple Computer, Inc. 1983-1997 


FIGURE 8-12: Determining the Mac OS system version. 


Open Transport 1.1.2 or Later 


To determine what networking components a Mac OS computer is using, 
look in the Control Panels folder under the Apple (@) menu bar item. If 
you see a TCP/IP or AppleTalk control panel, the computer is using 
Open Transport. Open one of these control panels; then choose the Get 
Info command from the File menu bar item to find out what version is 
being used. 
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AppleShare Client 3.7 or Newer 


To see if you already have a version of the AppleShare IP client on your 
computer, look in the Chooser. If you see the modern icon, then a newer 
version of AppleShare client has already been installed. 


al 


| AppleShare 


Computers using Mac OS 8 and later already have a modern AppleShare 
client. Contact your administrator to find out if there are any newer ver- 
sions that you should be using. 


Network Installation 


The AppleShare IP client can be installed from floppy diskettes or a CD- 
ROM, but the easiest way is from the AppleShare IP server itself. Ask 
your administrator if the AppleShare IP client is available for network 
installation. If so, ask: 

e What is the name of the AppleShare IP server? 

°¢ What zone is it in (if applicable)? 

e What user name should I use? 

e What password should I use? 


e What volume should I use? 


Once you have this information, you can complete the following steps. 


Choose Server 


Open the Chooser and select the AppleShare icon in the upper left of the 
window. 
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If your network is divided into zones, these will be listed in the lower left 
of the window. (If not, there will be no list in the Chooser.) Here, select 
the zone specified by your administrator. 


All AppleShare file servers in the zone you have chosen will appear in the 
upper right of the window. Select the name of the file server specified by 
your administrator here, and press the OK button. This will open a log- 
on dialog box. 


pet OT ene 
CI ] AppleShere 5 Server — | 


LocalTalk 
Management 
Marketing 


@ Active 


AppleTalk © Inactive 


FIGURE 8-13: Locating a file server. 


Log On 


Whatever name has been entered in the File Sharing control panel (the 
Sharing Setup control panel on pre-Mac OS 8 systems) is what will 
appear in the Name field. Type the user name and the password specified 
by your administrator here. If your server permits “guest access,” you 
may select the Guest button instead. 
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Connect to the file server "AppleShare 5 
Server” as: 

© Guest 

@ Registered User 


Name: Tom Deil 


Password: [ (Two-way Scrambled) 


FIGURE 8-14: 


Connect to the file server "AppleShare 5 
Server" as: 

@® Guest 

© Registered User 


Set Passwort [ ox } 


v3.6.1 bd 


FIGURE 8-15: Logging on to AppleShare as a guest. 


Press the OK button when you have finished. This will open a volume list 
window. 


Choose Volume 


Click on the volume that contains the AppleShare Client software, as 
specified by your administrator, but do not enable the checkbox next to it. 
When you have done this, press the OK button. You will see the volume 
appear on your desktop. You may then close the Chooser. 
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a AppleShare 5 Server 


Select the items you want to use: 


FIGURE 8-16: Selecting the server volume. 


Run Installer 


Once a server volume has been mounted on the desktop, you may access 
its contents as you would any hard disk on your computer. Double-click 
on its icon to open it. 


Mac Ilox HD 


a — 


FIGURE 8-17: Opening the mounted volume. 


Open any folders specified by your administrator to find the “Install Cli- 
ent” document. Double-click on this to launch the installer. This will open 
a dialog box that contains a license agreement. Read the agreement, and, 
if you agree to its terms, press the Agree button. This will open the 
Installer window. 
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If you agree with the terms of this license, press “Agree” to install tl the software. If you do not 
agree, press “Disagree”. 


Apple Computer, Inc. Software License 


PLEASE READ THIS SOFTWARE LICENSE AGREEMENT (“LICENSE”) F= 
CAREFULLY BEFORE PRESSING THE *"AGREE* BUTTON BELOW. Be 
BY PRESSING "AGREE," YOU ARE AGREEING TO BE BOUND BY 

THE TERMS OF THIS LICENSE. IF YOU DO NOT AGREE TO THE 
TERMS OF THIS LICENSE, DO NOT PRESS “AGREE." 


1. License. The software, docwnenttion and any fonts accompanying this License 


whether on disk, in read only memory, on any other media or in any other form (the 

“Apple Software”) are licensed to you by Apple Computer, Inc. or its local subsidiary, if 

any (“Apple”). Youown the media on which the Apple Software is reconied butApple fF 
and/or Apple's licensor(s) retain tide 1 the Apple Software. The Apple Software and any fir 
copies made and/or disuibuted under this License are subject t this License. cia 


2. Permitted Uses and Restrictions. This License allows you w install and use the fi4, 
Apple Software on 4 single computer ata time. This License does not allow the Apple Fig): 
Software t exist on more than one computer ata time. You may make one copy of the 

Apple Software in machine-readable form for backup purposes only. The backup copy 

mia? inclide all convrioht <9 ee nn the sant Eyrant as narmittesl hv 


Click Install to update to version 3.? of AppleShare Client 


| Eject Disk | | Eject Disk | 


FIGURE 8-19: Viewing the installer window. 


Make sure that your computer’s startup disk is named in the Destination 
Disk section. If it is not, press the Switch Disk button until it is. Press the 
Install button when you have finished. The Installer will tell you when 
installation is complete. You will then need to Restart your computer. 
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CONNECTING WITH APPLESHARE 
IP CLIENT 


To access the files and applications stored on your network’s servers, you 
must ask your administrator the following: 

e What is the AppleTalk name of my AppleShare server? 

e What AppleTalk zone is it in (if applicable)? 

e What is the hostname of my AppleShare IP server? or 

e What is the IP address of my AppleShare IP server? 

e What user name should I use? 

¢ What password should I use? 


e What volume(s) should I use? 


Connection Steps 


Once you have the above information, you can complete the following 
steps. 


Choose Server 


Open the Chooser and select the AppleShare icon in the upper left of the 
window. Select your zone (if applicable) in the lower left; select your file 
server in the upper right. 


384 « AppleShare IP 


- * % aa — 
+ OMEN 6 ae i Reni Te RAE Ir tongs aR oe ~ ar Mn et ike ag a I a a RO Ss a 


Color Sw 1500 


t—_—=—J 
Color Sw 2500 Color SW Pro 


LocalTalk 
Management 


@ Active 
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FIGURE 8-20: Locating a file server. 


A file server might appear in more than one zone. It is best to use the 
server that is in the same zone as your own computer (as displayed in the 
Current zone pop-up menu in the AppleTalk control panel). 


Press the OK button once you have finished. 


Log On 


In the log-on dialog box, type your user name in the Name field and your 
password in the Password field. Note that only bullets appear when you 
type your password. That is so that anyone looking over your shoulder 
will not see it. 
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Connect to the fite server “AppleShare | 5 Server" 


(cancet_} ei (Set Password Password Ci«_) | 
3.7.1 


FIGURE 8-21: Logging on to AppleShare server with name and password. 


Establish owner name. Your name might be in the Name field 
already. AppleShare takes this name from the File Sharing control panel 
(the Sharing Setup control panel on pre-Mac OS 8 systems). If you want 
this feature enabled, open the control panel and type the correct name in 
the Owner Name field before you log on to a server again. 


Owner Pessword:[eceee 
Computer Name: Tom's Computer 


a File Sharing off 


ee ar 
E Start to turn on file megs This allows other 


users to access shered folders 


Program a _. 


ae Start to turn on progrem a This allowe other 
users to link to shared progrems 


FIGURE 8-22: Entering an AppleShare user name as a Macintosh owner. 
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If your administrator tells you to use “guest access,” you may select the 
Guest button instead of supplying a registered user name and password. 
Press the OK button when you have finished. 


e 


Connect to the file server “AppleShare 5 Server" 
as: 


@ Guest 
@ Registered User 


FIGURE 8-23: Logging on to AppleShare as a guest. 


Set Password. In some cases, you might be informed that your pass- 
word has expired and that you must change it. You do so at any time by 
pressing the Set Password button. 


“e 


Connect to the file server “AppleShare 5 Server” 


Old password: m=z 
New password: |__| 


FIGURE 8-24: Setting a new password. 
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Choose Volume 


In the shared item window, click on the volumes that contain the files you 
wish to work with. Only those listed in dark type are available to you. 
Your access is restricted from those grayed out. 


FIGURE 8-25: Selecting the server volume. 


Connect at startup. If you will be working with a volume regu- 
larly, you will save time when you first start up your computer by log- 
ging in to it automatically. To permit this, enable the checkbox next to 
that volume. 


FIGURE 8-26: Enabling automatic log-on. 
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Now you have two more choices. If you select the Save My Name Only 
button, you will still be prompted to enter your password when the com- 
puter starts up. If you select the Save My Name and Password button, 
you will not be prompted for any log-on information and the volume will 
be automatically mounted on the desktop. Because this could pose secu- 
rity risks, your administrator might have disabled the second option, in 
which case it will appear in gray. 


Press the OK button when you have finished. When you see the volume 
appear on your desktop, you may close the Chooser. 


Trash 


FIGURE 8-27: Opening a mounted server volume. 


This connection has traditionally been made via the AppleTalk network- 
ing protocol. However, the AppleShare IP client uses the faster TCP/IP 
networking protocol instead. It will use AppleTalk only if TCP/IP is not 
configured for use by your computer and/or the server. 


Using the Server IP Address Button 


If AppleTalk is not active on your computer, or if you are trying to con- 
nect to a file server over a network on which AppleTalk is not used, the 
server will not appear in the Chooser. Instead, press the Server IP 
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Address button in the lower right of the window to open the Server 
Address dialog box. Type the server’s hostname or IP address here, then 
press the Connect button. 


Enter the Server Address: 
afp.yoursite.com 


Aliases made of this Server will fail if TCP/IP is 
not available. 


Color Sw 1500 


| Oe 
Cobr Sw 2500 


Color Sw Pro 


Production 
Public 

Remote Access 
Training 


Server IP Address... | | —-€ 


@ Active 
Q Inactive 


AppleTalk 


FIGURE 8-28: Entering the address for the file server. 


Beware of Multihoming 


Multihoming permits the server to make its shared volumes available in 
more than one zone at the same time. This feature is a convenience, but it 
can also pose a danger. Be careful when connecting to volumes that have 
the same name but appear in different zones. It may be that they are actu- 
ally the same volume that is located on a multihoming server. If you log 
on to the same server in two different zones and then attempt to copy the 
same files from one zone’s volume to the other’s (actually the same vol- 
ume mounted twice), you will lose data! 


Re-connecting with Aliases 


You can save yourself the effort of opening the Chooser for each log-on 
by making an alias of any network volume on your desktop. To do this, 
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select the server volume and choose the Make Alias command from the 
File menu bar item. 


Stat Folders aties 


The next time you want to log on to that volume, simply double-click on 
the alias. You might be prompted to enter your user name and password, 
but you will bypass all other steps. 


The Mac OS will also create aliases for you automatically. To enable this, 
make sure that the Remember recently used items checkbox is selected 
in the Apple Menu Options control panel, and that there is a number in 
the Servers field. You can open this control panel by choosing it in the 
Control Panels folder accessible under the Apple (@) menu bar item. 


=== apple Menu Options == Bi 


Remember recently used items 


Documents: 
Applications: 
Servers: 


FIGURE 8-29: Remembering server volumes. 


If this feature is enabled, then the Mac OS will make an alias of each 
server volume that you mount and save it in the “Recent Servers” folder 
in the “Apple Menu Items” folder within the System Folder. To mount 
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any one of these volumes again, simply choose its name in the fly-out 
menu of the Recent Servers item under the Apple (@) menu bar item. 


Re-connecting with AutoRemounter 


If you have a PowerBook or an Energy Saver-equipped computer that 
“sleeps,” you may lose your server connection whenever it powers down. 
However, you do not necessarily have to log on again when the computer 
awakes. The AutoRemounter control panel will do it for you. Simply 
make sure that the After Sleep button is selected in the control panel. You 
can open the control panel by choosing it in the Control Panels folder 
accessible under the Apple (@) menu bar item. 


E] == autoRemounter 


Retmount Shared Disks : 
— | 


@ After Sleep 
GQ ort 


Connect To Disks By : 
@ automatically Remounting 


@ Always Requiring Passwords 
1.25 


FIGURE 8-30: Enabling AutoRemounter. 


If you are concerned about someone using your computer to access the 
server when you are away, select the Always Require Passwords button 
so that access will be less direct. 


Working with Mounted Volumes 


When you mount a volume on your desktop, you have access to a hard 
disk, or a folder on a hard disk, that is connected to the server. This vol- 
ume can be used in the same way you use any hard disk that is physically 
attached to your computer. You may copy files from the volume and back 
to it; you may launch applications that reside on it; and you may delete 
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files from the volume by dragging them to the Trash and emptying it. The 
only difference you will notice is that reading data over a network is 
slower than reading it from a local hard disk. 


To disconnect from the AppleShare server, drag the server volume icon 
to the Trash. This will not delete any files on the volume. When you shut 
down the computer, you are disconnected automatically. Also, the 
AppleShare administrator can disconnect you using the AppleShare file 
server software if necessary. 


On occasion, you may be disconnected because of a network or file server 
failure. In that case, you will be warned with a dialog box: 
a “appleShare 5Servervia TO/iP* 


The file server has closed down [843 PM on 6/0797]. 


Cx 


If you were running an application that resides on the mounted volume 
that was disconnected, all of your unsaved work may be lost. For this rea- 
son it is wise to run applications from your local hard disk, and not from 
the server, whenever possible. 


If you were working on a document that resides on the mounted volume 
that was disconnected, your work will not necessarily be lost. That docu- 
ment and your recent changes to it should still be present in your com- 
puter’s memory. To preserve them, use the Save as command under the 
application’s File menu bar item to save the document to your com- 
puter’s hard disk. 
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Ge Macintosh HD 
123649K available 


Save Current Document as: 


Save File as Type: 


Word Document | 


FIGURE 8-31: Using the Save As command. 


Connecting from a Remote Location 


If you have a PowerBook or a Mac OS home computer and you wish to 
connect to your AppleShare server from a remote location, you have sev- 
eral options. 


AppleTalk Remote Access Version 2 


AppleTalk Remote Access (ARA) software uses a special AppleTalk 
Remote Access Protocol (ARAP) to connect two Mac OS computers over 
telephone lines. To take advantage of this service, your network must 
have an ARA server for your computer to call using a modem. If your 
administrator confirms that this service is available and that your user 
account has been enabled to use it, you will also need to know what tele- 
phone number your computer must dial to connect. 


To use ARA, first select the Remote Only item in the AppleTalk control 
panel’s Connect via pop-up menu. 
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Fi === Appletalk (Default) 


FIGURE 8-32: Enabling Remote Only AppleTalk access. 


Note that no zones are listed while you are off-line. When you have 
logged on to the ARA server, you may find that the zone in which your 
remote computer resides is not the same as the one that your desktop 
computer is in, or that the AppleShare server is in. 


Next, launch the Remote Access Client application, usually found in the 
“Remote Access Client Folder” inside the “Apple Extras” folder. This 
software permits you to create connection documents, which you config- 
ure with your AppleShare user name and password and the telephone 
number for the ARA server. 


€. Registered User Q Guest 


Name: 


oO Save my password 


Connect To: 


nano: 


. “ - (] Use DialAssist 


FIGURE 8-33: Configuring an ARA document. 
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If you are dialing in from far away or from a hotel room, the DialAssist 
control panel can help you by adding dialing codes (e.g., 1-, 9-, etc.) and 
area codes automatically. You can also configure it to permit each call to 
be billed to a calling card or credit card. Enable this by selecting the Use 
DialAssist checkbox and pressing the Setup button that becomes active. 


Conrect From: 


th City/Area Code: [ais | 


Country: (United States | 


Dialing Setup: 
Prefix: [ OutsideLine-9 | | 
Long Distance Access: (BiaTT LSD 
suttix: (Fy Caning Cord 1S) 
Edit: 


FIGURE 8-34: DialAssist control panel. 


Next, select the Remote Access Setup command under the Setup menu 
bar item. In the Remote Access Setup window, you must select your 
modem type and the port to which it is connected. 


SEE Ed ‘mo aL Ct ; 9 Se — 
SS oe aa a he 


e& Modem Setup 
Modem : 
Modem Speaker: @On Goff 
Dialing: @ Tone G Pulse 
[J ignore dial tone 


((] Use MNP 10 error correction in modem 


FIGURE 8-35: Selecting the modem. 


Press the Connect button when you have finished configuring an ARA 
document. Once connected, you may use AppleTalk network services as 
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if you were connected directly to the network. For example, you can 
print, log on to file servers, or check your email. The only difference is 
that each transaction will be slower. 


You can quit the ARA client application once you are connected. When 
you want to log off, select the Remote Access Disconnect item under the 
Apple (@) menu bar item. 


To save time in future log-ons, make an alias of a server volume that you 
will connect to remotely. When you double-click on the alias, ARA will 
be launched automatically and will dial in to make the connection. 


ARA version 2 was designed to give you remote access to AppleTalk- 
based network resources such as printing and AppleShare and Personal 
File Sharing. It was not designed to provide access to TCP/IP-based ser- 
vices directly, such as the AppleShare IP Web & File Server or Internet 
email. These services can be provided if your network is equipped with 
the Apple IP Gateway. Contact your administrator to determine if this is 
a possibility. 


Open Transport/PPP 


If your network has an AppleShare IP server, you might be able to log on 
to it via the Internet. This will not give you access to AppleTalk-based ser- 
vices such as AppleShare, Personal File Sharing, printing, or some email 
systems, but it will give you access to the AppleShare IP Web & File 
Server and Internet email. Contact your administrator to determine if 
your network is accessible via the Internet. 


To make this possible you should have an Internet Service Provider (ISP) 
that permits dial-up access to the Internet using the Point-to Point Proto- 
col (PPP). This protocol does for TCP/IP what ARA does for AppleTalk. 
It can be used if your computer is running System 7.5.3 or newer and 
Open Transport. 


If you have System 7, you might need the free Open Transport /PPP soft- 
ware from Apple. It must be installed after Open Transport TCP/IP. 
Once installed, it makes a new option available to you in the Connect via 
pop-up menu: PPP. 
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as ieep (netcomcom) 


Conneot via: 


set 


Configure: (Manuaty SJ Select Hosts File... 


: [192.187.167.469 
: will be supplied by server > 


: will be supplied by server > 


+? 1192.100.61.101 
192.100.81.105 


FIGURE 8-36: Configuring the TCP/IP control panel for PPP. 


Configure the TCP/IP control panel according to the instructions of your 
ISP. 


Next, open the PPP control panel from the Control Panels item under the 
Apple (@) menu bar item. Here enter your user name, password, and the 
phone number of your ISP’s PPP server. 
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FIGURE 8-37: Configuring the PPP control panel. 


Press the Connect button to open the connection. Once you are logged on 
to the Internet, you may gain access to your network’s AppleShare IP 
Web & File Server and Mail Server. 


In addition to MacPPP and Apple’s Open Transport/PPP, you may be 
able to use other applications possibly supplied to you by your ISP, such 
as FreePPP, MacPPP, or MacSLIP. These are configured in much the same 
way. Follow the instructions that accompany them for specifics. 


AppleTalk Remote Access Version 3 


Later versions of System 7 shipped with ARA version 2. At about the 
same time that Mac OS 8 was released, Apple began shipping ARA ver- 
sion 3. The newer version can connect with servers using the traditional 
ARAP or the Internet-standard PPP. Contact your administrator to deter- 
mine if your network is equipped to permit access via ARA version 3. 
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Using Location Manager 


If you have a PowerBook and regularly move between two or more loca- 
tions, such as home and office, you will find a time-saver in Apple’s Loca- 
tion Manager. This control panel permits you to set up profiles of 
multiple locations that include your network settings. 


location Name: 


System Settings =— Settings for thia Lecetion 
Auto-Open item Default Printer 

e Default Printer Extensions Manager 
Extensions Manager Networking 

File Sharing Time Zone 

Networking 

Sound 


Time Zone 


© = The system values for this setting have changed since it was added to this location 
To save the new values to this location, seleot the setting and then click the “Update ” button. 


System Yalees fer “Networking” Lecation Velues for “Metwerking” 


AppleTalk Configuration: “Scion Networks” AppleTalk Configuration: “Scion Networks” 
TCP/IP Configuration: “scionnet.com” TCP/IP Configuration: “acionnet.com” 


FIGURE 8-38: Choosing settings to remember in profile. 


When you change locations, all you need to do is switch profiles to go on- 
line without further configuration changes. This software is compatible 
with System 7.6 and newer, and ships with Mac OS 8. 
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== cocation Manage > 8B 


FIGURE 8-39: Changing configuration for a different location in Location 
Manager. 


WORKING WITH ACCESS PRIVILEGES 


One way to control access to the files on your computer’s hard disk is by 
allowing or denying physical access to the machine. When files are stored 
on a public file server, however, another method must be used. Apple- 
Share controls who will be given access to which shared volumes, and 
any folders and files within them, through access privileges. 


Two access schemes are possible depending on the version of the Mac OS 
your computer uses. 


System 7 Access Privileges 


Under System 7, the following privileges are possible: 
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See Folders. You may open a folder to see any other folders it con- 
tains. 


See Files. You may open a folder, see the folders and files inside, and 
open those files. 


Make Changes. You may open a folder, see the folders and files 
inside, and open, move, modify, delete, or write files. 


Each access privilege can be applied singly or in combination to any 
folder, creating the possibility of several access levels. How you apply 
these combinations is important. The Make Changes privilege will let you 
delete a file, for example, but only if you have the See Files privilege to 
see it! 


You need the following access privileges to perform the following tasks: 


Copy a file to a shared folder: Make Changes. 

Copy a file from a shared folder: See Folders and See Files. 

Copy a folder to a shared folder: See Folders and Make Changes. 
Copy a folder from a shared folder: See Folders. 


Create a file in a shared folder: See Folders, See Files and Make 
Changes. 


Create a folder in a shared folder: See Folders and Make Changes. 
Delete a file in a shared folder: See Files and Make Changes. 
Delete a folder in a shared folder: See Folders and Make Changes. 


Move a folder to another folder in a shared folder: See Folders and 
Make Changes. 


Move a folder from a shared folder: See Folders and Make Changes. 
Open and use a file in a shared folder: See Files. 


Save changes to a file in a shared folder: See Files and Make 
Changes. 


AppleShare does not share individual files, so all access privileges apply 
only to a given file’s enclosing folder. 
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Viewing System 7 Access Privileges 


Access privileges are set either by the AppleShare administrator or by an 
AppleShare user who has created a folder on a server volume. You can 
determine what your access privileges to a given folder are in one of the 
three ways explained in the following sections. 


Folder icons. 


Tabbed Folder. This icon means that you are the owner of the folder 
and so have See Folders, See Files, and Make Changes privileges. 


Plain Folder. This icon means that you do not own the folder, but 
you have some access privileges to it. 


Folder with Arrow. This icon means that you have only Make 
Changes privileges. You can copy a file or folder to it, but you may 
not open it or see what is inside. This is called a “drop box.” 


Locked Folder. This icon means that you have no access privileges to 
the folder. 


roy tee? 


Directory windows. When you open a folder, you can see which 
access privileges you have to the folders it contains by looking at the 
menu bar of the directory window. 


Crossed-out File. This icon means that you are not allowed to see en- 
closed files. 


Crossed-out Folder. This icon means that you are not allowed to see 
enclosed folders. 


Crossed-out Pencil. This icon means that you are not allowed to 
write (save or copy) anything to the folder. 


Crossed-out Pencil/Crossed-out Folder. These icons together mean 
that you are not allowed to write to or see folders. 


Crossed-out Pencil/Crossed-out File. These icons together mean that 
you are not allowed to write to or see files. 


Cosa e 


3S 


Sharing window. You may also select a folder and choose the Shar- 
ing command from the Finder’s File menu bar item. This will show you 
who owns the folder and what privileges have been granted either to you 
or to your Group. 
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Where: PowerBook HD: 
4 “4 


[EX] Share thts item and its contents 


Sco Sco Make 
Foklers Files Changes 


[_] Make all currently enclosed follerPike.this one 


[_] Can’t be moved, renamed or deleted 


FIGURE 8-40: System 7 File Sharing access privileges. 


Assigning System 7 Access Privileges 


If the AppleShare administrator has given you sufficient access privi- 
leges, you may create a folder and set your own privileges for it. To do 
this, select a folder that you own on a mounted volume and choose the 
Sharing command from the File menu bar item. 


A window will appear. To access this shared folder, a user must fall into 
one of three categories: 


Owner. This is you, the person who created the folder that is being 
shared. 


User/Group. This can be one other individual if a user is selected, or 
several people if a group is selected. 


Everyone. If a user is not specifically listed in the Owner or User/ 
Group field, either directly or by group association, that user will not be 
allowed access to your folder unless you assign access privileges to this 
category. This makes the folder available to any other registered Apple- 
Share users as well as to anyone else who logs on using the guest account, 
if guest access is permitted on your server. Before enabling access to this 
category, check with your AppleShare administrator to make sure that 
doing so does not violate policy. 


404 ¢ AppleShare IP 


Everyone 


Enable the checkboxes of the privileges you want to assign. 


See See Make 
Folders Files Changes 


ow 


Select no checkboxes when you want to restrict access. 


Everyone L] L] L] 


To ensure that no one can alter or throw away the folder, select the Can’t 
be moved, renamed or deleted checkbox. To assign these same access 
privileges to all folders within the selected folder, enable the Make all 
currently enclosed folders like this one checkbox. 


[x] Make all currently enclosed folders like this one 


[x] Can’t be moved, renamed or deleted 


If you want the folder you have created to have the same access privileges 
as the folder in which it is contained, just enable the Same as enclosing 
folder checkbox. 


[x] Same as enclosing folder 
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Transferring System 7 Access Privileges to Apple- 
Share IP 


The See Folders, See Files, and Make Changes access privileges that 
AppleShare and System 7 use are not the same as the access privileges 
AppleShare IP and Mac OS 8 use. As a result, you can enable access priv- 
ilege combinations on a System 7 machine that will not actually take 
effect on an AppleShare IP server! Those that will are: 


e See Folders and See Files. 
e See Folders, See Files, and Make Changes. 
¢ Make Changes. 


Mac OS & Access Privileges 


bed 


f er. 
© 3 
i] 
ry Ly 
be i 


* 
73 * 
*% tn 2 


Under Mac OS 8, the following privileges are possible: 


Read & Write. You may open a shared folder to see what folders and 
files it contains; you may copy folders and files to and from the shared 
folder; and you may open, create, move, modify, and delete folders 
and files within the shared folder. 


Read Only. You may open a shared folder to see what folders and 
files it contains; you may copy folders and files from the shared 
folder; and you may open folders and files within the shared folder. 


Write Only. You may only copy folders and files to the shared folder. 
A folder with such access privileges is commonly called a “drop box” 
because you can copy data into it but you cannot open it to see what 
else is inside. 

None. You may not open the shared folder to see what is inside, or 
copy folders and files to or from it. 


These access privileges are not used in combination, so assigning them is 
easier. Here are the privileges necessary to perform the following tasks: 


e Copy a file to a shared folder: Read & Write or Write Only. 
e Copy a file from a shared folder: Read & Write or Read Only. 


406 « AppleShare IP 


e Copy a folder to a shared folder: Read & Write or Write Only. 

¢ Copy a folder from a shared folder: Read & Write or Read Only. 
e Create a file in a shared folder: Read & Write. 

e Create a folder in a shared folder: Read & Write. 

e Delete a file in a shared folder: Read & Write. 

e Delete a folder in a shared folder: Read & Write. 


e Move a folder to a folder in a shared folder: Read & Write or Write 
Only. 


e Move a folder from a shared folder: Read & Write. 
e Open and use a file in a shared folder: Read & Write or Read Only. 
¢ Save changes to a file in a shared folder: Read & Write. 


AppleShare does not share individual files. All access privileges apply 
only to a given file’s enclosing folder. 


Viewing Mac OS 8 Access Privileges 


Access privileges are set either by the AppleShare administrator or by an 
AppleShare user who has created a folder. You can determine what your 
access privileges to a given folder are in one of three ways: 


Folder icons. 
Tabbed Folder. This icon means that you are the owner of the folder, 


and so have Read & Write privileges. 


Plain Folder. This icon means that you are not the owner of the 
folder, but you have some have access privileges to it. 


Folder with Arrow. This icon means that you have just Write Only 
privileges to the folder. You can copy a file or folder to it, but may not 
see what is inside. This is called a “drop box.” 


Locked Folder. This icon means that you have no access privileges to 
the folder. 


a mT 
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Directory windows. When you open a folder, you can see which 
access privileges you have to its folders by looking at the title bar of the 
directory window. 


Crossed-out Pencil. You are not allowed to write (save or copy) any- 
thing to the folder. 


Lock. The folder is locked (cannot be moved, renamed, or deleted). 


Read & Write === 


> Ne | More Stuff 
> QR stil More stutr 


Lock/Crossed-out Pencil. You are not allowed to write to the folder, 
and the disk is locked (cannot be moved, renamed, or deleted). 


Sharing window. You may also select a folder and choose the Shar- 
ing command from the Finder’s File menu bar item. This will show you 


who owns the folder and what privileges you or the group you belong to 
have. 


0 === Tom Dell’s Shared files Ss 


al Where: Macintosh HD: 


[.] Can’t move, rename, or delete this item 
[4 Share this item and its contents 


Owner: (Webmester 7.3) | 
User/Group: (Scion People (12) |  (s} 


Copy these privileges to all enclosed folders (_copy_} 


FIGURE 8-41: Mac OS 8 File Sharing access privileges. 
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Assigning Mac OS & Access Privileges 


If the AppleShare administrator has given you sufficient access privi- 
leges, you may create a folder and set your own privileges for it. To do 
this, select a folder that you own on a mounted volume and choose the 
Sharing command from the File menu bar item. 


A window will appear. To access the shared folder, a user must fall into 
one of three categories: 


Owner. This is you, the person who created the folder that is being 
shared. 


User/Group. This can be one other individual if a user is selected, or 
several people if a group is used. 


Everyone. If a user is not specifically listed in the Owner or User/ 
Group field, either directly or by group association, that user will not 
be allowed access to your folder unless you assign access privileges 
to this category. This makes the folder available to any other regis- 
tered AppleShare users as well as anyone who logs on using the 
guest account, if guest access is permitted on your server. Before 
enabling access to this category, check with your AppleShare admin- 
istrator to make sure that it is safe to do so. 


Name 


Owner: Tom Dell 
User /Group: 


Everyone 
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Privilege 


| F (3) 
|S (3) 
Fag 


The Privilege pop-up menus enable the access levels you want to assign. 
Use “none” in the pop-up menu to disallow any access. Select the Can’t 
move, rename or delete this item checkbox to ensure that no one can 
alter or throw away the folder. To assign these same access privileges to 
all folders within the selected folder, press the Copy button. 


Everyone | -- [$] 


Lf Can’t move, rename, or delete thi s item 


Copy these privileges to all enclosed folders | Copy | 


If you want the folder you have created to have the same access privileges 
as the folder that contains it, just enable the Use enclosing folder’s privi- 
leges checkbox. 


-[vf Use enclosing folder's privileges — 
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USING PERSONAL FILE SHARING 


Depending on the rules governing your network’s usage, you may be 
able to share folders from your hard disk in the same way the AppleShare 
file server does. This has been possible since the release of System 7 with 


Personal File Sharing. 


Working with Personal File Sharing 


Personal File Sharing works in the same manner as an AppleShare file 


server, although it is not as robust. 


Personal File Sharing Limitations 


Connected users 

Outstanding requests 

Open files 

Simultaneous launches 

Physical volumes 

Physical volume size 

File size 

Shared items 

Users in Users & Groups Data File 
Groups in Users & Groups Data File 
Group memberships per user 
TCP Access 

Web Access 


10 

4 Gbytes 
2 Gbytes 
10 

100 

100 
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Create Shared Folder 


Before you enable Personal File Sharing, it is best to create one folder that 
will contain all of the files that you want to share with others on your net- 
work (e.g., “My Shared Files”). You can share your entire hard disk, but 
this is a bad idea because it might leave your private files and system soft- 


ware open to tampering. 


My Shared Files 


Create Users and Groups 


Because it is assumed that you do not want to share the data on your hard 
disk with just anyone, the Mac OS uses a system of password-protected 
user and group accounts to restrict access to certain people. Your Apple- 
Share administrator is responsible for establishing user and group 
accounts on the AppleShare server. You may create similar accounts for 
access to your personal computer. To do this, choose the Users & Groups 
control panel from the Control Panels folder accessible under the Apple 
(¢) menu bar item. 


FIGURE 8-42: Creating users and groups. 
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Four types of accounts can be used to share items on your hard disk. 


E. Owner. This is your account, as you are the owner of the computer. It 
is created automatically under the name that is typed in the Owner Name 
field of the File Sharing control panel (the Sharing Setup control panel 
under System 7). This account gives you full control over the folders on 
your computer when you log on from another machine, such as a home 
computer. 


User. Each user account includes a name for an individual to whom 
you wish to grant access. For security, it can also include a password. You 
can create a user account by pressing the New User button. 


[ef Allow user to change pessword 


FIGURE 8-43: Creating a new user. 


E, Groups. Each shared folder can be shared with one other person via a 
user account. If you want to share with multiple users, you must make 
them part of a group account. 


To create a group account, press the New Group button. In the window 
that opens, name the group; then drag the users you wish to add from the 
Users & Groups window to the Group window. 
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Users & Groups 


8 Ee con 


@? Coworkers 


eb Guest Sia 
G3 Tom Det} a | iee[Covorkers : 


" eyantye To sy ae a 
To add a user to this group, drag the user below: 


FIGURE 8-44: Creating a new group. 


Guest. The guest account is special in that it does not provide the 
same security constraints of the user account. It permits anonymous users 
to log on to your computer, so use it only when there is no data in your 
shared folder that is private. Guests should usually be given limited 
access privileges (e.g., Make Changes or Write Only). 


For maximum security, it is best to disable guest access by de-selecting 
the Allow guests to connect to this computer checkbox. 
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LJ Allow guests to connect to this computer 


fe 
} (_] Allow queste to ink to programs on this computer 


FIGURE 8-45: Disabling guest access. 


Enable File Sharing 


After you have established users and groups, you may turn on File Shar- 
ing. To do this, open the File Sharing control panel (the Sharing Setup 
control panel under System 7), and press the Start button. 


7 = Alte Sharing = SB 
start/stop | 


Network Identity iF 
Owner Name: [Tom Dee 
Owner Password: | 

Nore: 


File Sharing off 
Status 


F k Start to turn on file shering. This allows other 


gers to access shared folders. 


Program Linking off 
Status 


Ee Start to turn on program linking. This allows other 


users to link to shared programs. 


FIGURE 8-46: Turning on File Sharing. 
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Share Folder 


Just turning on File Sharing does not complete the process. You must des- 
ignate which folder you want to share, which users and groups will have 
access to it, and with what access privileges. 


= My Shared Files. 


Macintosh HD: 


hye renaneor delete this item 
bf Share this item and its contents 


I 1 


Privilege 


oveer: (Tone ——T5) [ F () 
User /oreuy =e 
Everyone [ -- (8s) 


Copy these privileges to ali enclosed foiders 


FIGURE 8-47: Sharing a folder. 


It takes a few minutes for Personal File Sharing to start up. When it is on, 
select a folder that you wish to share and choose the Sharing command 
under the Finder’s File menu bar item. In the window that this opens, 
select the Share this item and its contents checkbox. Close the window 
after you have assigned access privileges. 
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al where: Mect ntosh HD: 


(CJ Can*t move, rename, or delete this item 
{4 Shere this item andis 


Privilege 


ever Lac 
a bac 
Ever yone [-- (3) 


eerie apes 


Copy these privileges to all enclosed folders 


FIGURE 8-48: Folder ready for sharing. 


N 


My Shared Files 


The icon of the folder will change to show you that it is being shared. 
When a user logs on to the folder, the icon will change to reflect this as 
well. To a network user, your computer now appears in the Chooser just 
like any other AppleShare server. 


rel 


My Shared Files 
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Select a file server: 
| AppleShare 5 Server 
Acrobat™ PDF Writer i Tom‘s Computer 


Cokr Sw Pro 


AppleTalk Zones: 


LocalTalk 
Management 
Marketing | | 
Production oe 
pubic 
Remote Access a 
Training 


Active 
AppleTalk . Inactive 


FIGURE 8-49: File sharing computer as seen in the Chooser. 


You can see which users are logged on to your computer by opening the 
File Sharing control panel and pressing the Activity tab. (This function is 
performed by the File Sharing Monitor control panel under System 7). 


Shasta Activity The computer tends to run more slowly 
en ill 88 sharing ectivity incresses. 
idle Busy 


Connected Users 


FIGURE 8-50: Viewing user activity. 


418 « AppleShare IP 


If you wish to log off a user, press the Disconnect button. If you wish to 
change the privileges associated with a shared folder, press the Privileges 
button. 


USING PERSONAL WEB SHARING 


Apple’s Personal Web Sharing gives you the ability to host your own 
Web site from your Mac OS computer. It comes as a part of Mac OS 8. 


To enable this feature, open the Web Sharing control panel from the Con- 
trol Panels item under the Apple (@) menu bar item. 


Web Sharing 


Web identity 


My Address: Web Sharing not active 


Web Folder: Mecintesh HD:Web Pages: 
Home Page: default.htmi 


al Web Sharing Off 
(stare) @ Give everyone read-only access. 


© Use File Sharing to control user access. 


Status 
in Start to allow users to access your web folder. 


FIGURE 8-51: Enabling Personal Web Sharing. 


In the Web Sharing window, use the topmost Select button to choose a 
folder that will contain your Web pages. By default, the Mac OS creates a 
“Web Pages” folder for this purpose. Next, use the second Select button 
to choose your home page, which must be placed in the designated Web 
Folder. This is the page browsers will first see when they visit your com- 
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puter. By default, the Mac OS places several sample pages in your Web 
Folder that can be used for initial testing. 


Before you launch Web Sharing, you might ask your administrator to 
give your computer a hostname on the DNS server (e.g., “www.me.my 
site.com”). This might be easier for visitors to remember than the IP 
address of your computer, but either will work. 


You may try out your Web Sharing by pressing the Start button. 


Gay Web Identity 
= My dress: - http: iNew strdell som 
arity 738;247.50.10 
Web Folder: Mecintoah HOsweb Pages: 
Home Page: default. htmt Select. 


ere Sharing On 
@ Give everyone read-only access. 
@ Use File Sharing to control user eccess. 


iy be ee er ee ee Pk 
te i ie in ail shared folder are currently avetleble to ali 


FIGURE 8-52: Turning Web Sharing on. 


Give the address of your computer to other users who have a Web 
browser. They should now be able to log on to your computer and see 
Apple’s sample pages. 


420 « AppleShare IP 


=== Personal Web Sharing 


Address: [http://www .trdell.com/ 


Mac OS 


Welcome to Mac OS 
Personal Web Sharing 


This page is being served from your Mac OS computer. If you're a 
connected to the Internet, you can make it available to everyone in § 
your organization, regardless of the browser or the computer they 
use. 


FIGURE 8-53: Viewing sample pages. 


Personal File Sharing does not need to be running on your Macintosh, 
since Web Sharing is not dependent on it. If you want to restrict your 
Web site to network users only, however, you can use the same accounts 
that are used by Personal File Sharing if you select the Use File Sharing 
to contro] user access button. If you select the Give everyone read-only 
access, you will not have to worry about strangers uploading anything to 
your computer’s hard disk, but strangers will be allowed to see your Web 


pages. 


For security reasons, Web access is allowed only to the designated Web 
Folder and folders within it. 


Creating Your Own Web Pages 


There are a variety of ways to create your own Web pages to replace the 
sample pages from Apple. The easiest is to use an HTML editor such as 
Claris HomePage. 
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FIGURE 8-54: Making a Web page with Claris HomePage. 


When you have created a new home page, use the Select button to pub- 
lish it on the Web. 


Using Directory Listing 


If someone uses only the hostname or IP address of your computer to 
access it from a Web browser, they will be presented with your home 
page. But if they use a folder name in addition to the hostname or IP 
address, Web Sharing will generate a HyperText directory listing. This 
makes sharing files with people on the Internet as easy as sharing files 
over the office network. 
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21 items Name Size Date Modified 


Attn Asa a renvan _ ae —<—— a - dette 


AssetDB.fmp 260K FileMeker Pro document Thu, May 15, 1997, 11:23 PM 
AssetDB.hgx 352K Stuffit Expander™ document Tue, Aug 5, 1997, 10:15 AM 
CNOC97.HOX 646K Stuffit Expander™ document Tue, Aug 5, 1997, 10:15 AM 
CNDC97.ndf 475K Acrobat™ Exchange document Tue, Jan 25, 1997, 3:00 PM 
CNDC97SL.HOX 961K Stuffit Expander™ document Tue, Aug 5, 1997, 10:15 AM 
CNDCO7sl pdf 721K Acrobat™ Exchange document Mon, Feb 3, 1997, 7:23 PM 
FW26.hgx 4.7MB Stuffit Expander™ document Tue, Aug 5, 1997, 10:17 AM 
FW26.pdf 3.4MB Acrobat™ Exchange document Mon, Mar 3, 1997, 5:36 PM 
NETOWP.HOX 200K Stuffit Expander™ document Tue, Aug 5, 1997, 10:18 AM 
netOwp.pdf 147K Acrobat™ Exchange document Tue, Feb 25, 1997, 10:24 AM 
README 1K SimpleText document Thu, Mar 27, 1997, 1:47 PM 
TOKS96.HOX 1.5MB Stuffit Expander™ document Tue, Aug 5, 1997, 10:16 AM | 
TOKS96.PDF 1.1MB document Wed, Mar 26, 1997, 10:16 AM Bi} 
TDOMT97 1.8MB Microsoft PowerPoint document Thu, May 15, 1997, 12:05 PM [. 
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Li 
B 
A 
B 
Bi 
B 
nt 
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O 
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FIGURE 8-55: Personal Web Sharing’s directory listing feature (Microsoft 
Internet Explorer). 


Using Personal LogDoor 


Personal Web Sharing does not provide an Activity window like that of 
Personal File Sharing. However, you can use an inexpensive application 
from Open Door Networks, Inc. to see how many “hits” your personal 
Web site is getting. This application is called Personal LogDoor. 
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QS == Personal logDoor = BB 
Last Access te http ://38.247.58.10 

8/7/97 42:48PM Status:OK Bytes: 1198 

Referrer : http://www .sotonnet.com/scion1 /Scton1 f htm 

URL: /graphics/dett1 21r gif 


Hits 


Errors 


405 AM 8/7/97 4200 PM 33 Hits 1 Errors 


b 


FIGURE 8-56: Using Personal LogDoor to monitor activity. 


Visit the Open Door Web site at http://www.opendoor.com for more 
information. 


USING APPLESHARE IP EMAIL 


The majority of Internet email is handled by mail hosts using Simple Mail 
Transfer Protocol (SMTP), the standard supported by AppleShare IP. 
Many software companies make Post Office Protocol (POP) clients that 
can connect to SMTP servers via TCP/IP. Examples include Claris 
Em@iler, Microsoft's Internet Explorer, Netscape’s Navigator and Com- 
municator, and Qualcomm’s Eudora. 


Claris Em@iler (version 2) can also log on to the AppleShare IP server 
over AppleTalk. 
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Connecting over TCP/IP 


If AppleShare IP email is available on your network and your account has 
been enabled to use it, you will need to ask the following questions to set 
up your email client software for use over TCP/IP: 


¢ What is my Internet alias? 

e What is my email address? 

e What is the hostname of my server? 

e Should I enable Authenticated Post Office Protocol (APOP)? 


Many applications can be used to receive Internet email, including many 
Web browsers. Contact your administrator to determine which one you 
should use. 


Internet Config 


Many Internet applications, and even Mac OS 8 itself, install the Internet 
Configuration System or “Internet Config.” This is a freeware application 
designed to make the lives of Mac OS users easier by reducing the num- 
ber of times they need to enter preferences into various Internet pro- 
grams. This is the best place to configure your email account information, 
because the information then becomes available to all “Internet Config- 
aware” utilities that you might use (e.g., email application, Web browser, 
etc.). 


Locate your copy of Internet Config. If you do not have one, it can be 
found on numerous Internet software archives. If your computer uses 
Mac OS 8, it can be found in the “Internet Utilities” folder within the 
“Internet” folder. 
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FIGURE 8-57: Using Internet Config. 


Press the Email button to open a preferences configuration window. 


tom@trdeli.com 
| emai Account 
Email Password: 
| SMTP Host: 
Email Headers: 


1 On New Mail: ( Flash Icon 
(Cj Display Dialog 


Cj Play Sound Droplet v 


— = 


FIGURE 8-58: Configuring Email preferences. 


Here, enter your email address in the Email Address field. This is the 
address you give out to other people. It includes your Internet alias, as 
supplied by your administrator, and your organization’s domain name 
(e.g., “me@mysite.com”). In most cases, you will type the same thing into 
the Email Account field, but your administrator may give you a longer 
name to type here (e.g., “me@pop.mysite.com,” “me@smtp.mysite.com,” 
etc.). Enter your AppleShare IP password in the Email Password field (or 
leave it blank for greater security). Finally, enter the hostname of your 
AppleShare IP Mail Server in the SMTP Host field (e.g., “smtp.mysite 
.com”). 
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These preferences will now be available to other Internet applications. 
Some applications will look for Internet Config automatically. Others, 
such as Claris Em@iler Lite, which ships with Mac OS 8, will require that 
you enable a preference. If your email application is not Internet Config- 
aware, you can enter this information directly into the appropriate fields. 


Browser 


Filing Cabinet Macintosh HD 
——— = Internet Service Entry == . 
[Pra Browse the Internet 


Account namie: 


Kail 


Atac O§ info Center 


Emafl password: 
SMTP host 


TT Do net delete reed messages 
[T Ignore siresdy reed messeges 


"0 in list, O selected 


Connection: Idie 


FIGURE 8-59: Enabling an Internet Config preference in Claris Em@iler Lite. 


Using APOP 


Some applications permit the use of Authenticated Post Office Protocol 
(APOP), a more secure way of downloading email from the server to 
your client application. If your administrator has enabled this on your 
server, you must also enable it on the email client so that you can connect. 
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Connecting over AppleTalk 


If AppleShare IP email is available on your network and your account has 
been enabled to use it, you must ask the following questions to set up 
your email client software for use over AppleTalk: 

¢ What is my Internet alias? 

e What is my email address? 

¢ What is the AppleTalk name of my server? 

e¢ What zone is my server in? 

AppleTalk-based email can be retrieved using Claris Em@iler version 2. 


This application was designed to exchange email with the Claris Office- 
Mail server, but it can also be used with AppleShare IP. 


To enable AppleTalk email access, you will need to configure an “Office- 
Mail” account in Claris Em@iler. 


Acoount name: [Tom Dell : 
Full name: [Tom Dell 
Emaiinime: [Tom 


FIGURE 8-60: Configuring a Claris Em@iler 2 account. 


In the Account Name field, enter your AppleShare IP user name. Enter 
your full name as you would like others to see it in the Full name field. 
Enter your Internet alias in the Email name field. Enter your AppleShare 
IP password in the Password field (or leave it blank for greater security). 
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Next, press the Choose Server button. In the window that appears, select 
the zone and the server name as specified by your administrator. 


AppleTalk Zones: Claris Office Mail 


Localtalk AppleShare 5 Server gg 
Management 
Marketing 


Production 


Public 


Remote Access 
Training 


FIGURE 8-61: Choosing the server. 


Email Conventions 


Email was designed to handle relatively small text messages. However, it 
has evolved as a means of exchanging larger documents through the use 
of enclosures or attachments. For the best possible performance and reli- 
ability, make sure that any email enclosure you send is as small as possi- 
ble, and in a format that the recipient can use most easily. 


Compression 


One way to reduce the time it takes to move an enclosure file through an 
email system is to compress it. This can be done easily using the Stufflt 
series of utilities from Aladdin Systems. The DropStuff application will 
compress files. Simply drag a file onto its icon to create a compressed 
copy that can be enclosed with your email. The Stufflt Expander applica- 
tion can be used to de-compress enclosures when you receive them. 


Chapter 8: AppleShare IP Client and User Support « 429 


FIGURE 8-62: Aladdin System’s DropStuff and Stufflt Expander. 


If you do not have these utilities, they can be found on numerous Internet 
software archives and the Aladdin Web site at http:/ /www.aladdinsys 
.com. If your computer uses Mac OS 8, they can be found in the “Internet 
Utilities” folder within the “Internet” folder. 


Some email systems restrict the size of the enclosures they accept. For 
example, you may wish to send a 1-Mbyte file enclosure to a friend, but 
his email system restricts incoming enclosures to just 512 Kbytes. With 
compression, you might be able to reduce the size of the enclosure suffi- 
ciently so that it will be accepted. 


Encoding 


Since email systems were designed to receive text messages and not 
binary data such as software applications, many systems cannot accept 
standard file enclosures. To circumvent this limitation, email systems use 
encoding. This involves translating a binary document into text at the 
sending end and then translating the text back into binary data at the 
receiving end. For this to work, both the sender and the receiver must use 
the same encoding method. 


In general, your encoding choices are: 


e BinHex. Use this method when sending files to Mac OS users. 
e Base64. Use this method when sending files to Windows users. 
e UUencode. Use this method when sending files to UNIX users. 


Many email client applications will permit you to make these choices on a 
message-by-message basis. 
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USING NETWORK PRINTING 


There are three ways to print from your Mac OS computer: to a printer 
that is attached to your computer directly, such as a StyleWriter or Per- 
sonal LaserWriter; to a printer connected to your computer indirectly via 
the network, such as a LaserWriter or LaserJet; or to an AppleShare print 
spooler, which will in turn print to the first available network printer. 


Printing to a Network Printer or Print Queue 


Communication with any AppleTalk printer requires a printer driver. Like 
the AppleShare client, printer drivers are Chooser extensions that you 
must click on to browse a list of network printers. You open the Chooser 
by selecting the Chooser item under the Apple (@) menu bar item. 


File Edit View Special Help 


&D Apple System Profiler 
€3 AppleCD Audio Player 

Q Automated Tasks > 
“| Caiculator 
‘= Chooser 
ew Connect To... 
E@ Control Panels 


ose Se 


Select a PostScript Printer: 


F, ScionNet Laser 


Fujitsu SP Scan 


LaserWriter 300/LS 


AppleTalk Zones: 
LocalTalk 
Management 
Marketing 
Production 


Public 
Remote Access 


Training r Active 


AppleTalk 


@ Inactive 


FIGURE 8-63: Opening the Chooser (printer driver selected). 
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Different types of printers use different printer drivers, most of which are 
named after the appropriate printer. 


FIGURE 8-64: Printer drivers for ImageWriter, StyleWriter, Color StyleWriter 
Pro, Personal LaserWriter, and LaserWriter. 


If you do not see a driver for the device you wish to use, contact your 
administrator. The highest performance is usually achieved using the 
LaserWriter 8 driver. Its icon looks like this: 


Fey 


FIGURE 8-65: High-performance LaserWriter 8 driver. 


Once you have connected to a network printer, you will not have to re- 
connect to it each time you wish to print. Your computer will remember 
your choice, which becomes your default printer. 


In addition to the printer driver, many network printers require the use of 
a PostScript Printer Description (PPD) file. This tells the printer driver 
about capabilities unique to the specific printer, such as its memory con- 
figuration, resolution, color capabilities, and paper tray handling. PPD 
files are stored in the “Extensions” folder of the System Folder. 


Before you select a default printer, you should ask your administrator: 


¢ Which printer or print queue should I use? 
e What zone is it in? 
e What PPD should I use? 
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Choose Printer 


Open the Chooser and select the appropriate icon in the upper left of the 
window. 


If your network is divided into zones, these will be listed in the lower left 
of the window. (If your network is not divided into zones, there will be 
no list in the Chooser). Select the zone specified by your AppleShare 
administrator. 


All AppleTalk printers capable of using the selected printer driver in the 
zone you have chosen will appear in the upper right of the window. 
Select the name of the printer specified by your administrator here. 


Select a PostScript Printer: 


"| Clea ScionNet Laser 


FUJITSU i 
Fujitsu SP Sean Image Writer 


Laser Writer 300/LS 


AppleTalk Zones: 


Production 

Public 

Remote Access 

Training Active 
lil 5 Inactive 


FIGURE 8-66: Locating a printer. 


If your administrator has directed you to select a print queue, or print 
spooler, you will see its name accompanied by a “spool” icon. 
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FIGURE 8-67: Locating a print spooler. 


Set up Printer 


Select a PostScript Printer: 
| ScionNet Laser 


LaserWriter 300/LS 


AppleTalk Zones: 
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Training ; 
AppleTalk & inactive 


FIGURE 8-68: Creating a desktop printer. 
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When you have made a selection, the Create button will become active. 
Press this button to configure the printer driver with a PPD and to create 
your desktop printer icon. 


Setting up “ScionNet Laser”. 


Building Desktop Printer 


During this process, the printer driver will communicate with the 
selected printer to determine its type and features, and then configure 
itself with the most appropriate PPD file. 


Chooser 


CF 
FUJITSU 


‘ a i 
Fujitsu SP Scan Image Writer 


LaserWriter 300/LS  Laser'writer 8 


AppleTalk Zones: 
LocalTalk 
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AppleTalk 
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FIGURE 8-69: Configured printer driver and desktop printer. 


When the process is complete, an icon will appear next to the printer list- 
ing in the Chooser window. If desktop printing is enabled for your com- 
puter, an icon will appear on the desktop as well. 
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na Current Printer Description File (PPD) Selected: 
“HP LaserJet SMP” 


Select PPD... 


Pinker inf 


To ensure that the printer has been configured with the correct PPD, 
press the Setup button. In the window that appears, make sure that the 
PPD listed is correct. If not, use the Select PPD button to find the right 
one. Contact your administrator if the correct PPD is not present. You 
may also use the Configure button to make sure the driver knows about 
all of the printer’s options, such as extra memory and paper trays. 


You may set up an AppleShare IP print queue in the same manner. Close 
the Chooser when you have finished. 


Using Desktop Print Monitor 


If your computer is enabled with desktop printing, a new desktop printer 
icon will appear each time you set up a printer in the Chooser. You may 
then choose between the various desktop printers without having to go to 
the Chooser again. 


B&éW Queue ScionNetlLaser = poryriter ColorStyleWriterPro Trash 


The desktop printer with the bold line around it is the default. It will be 
_ used for all print jobs unless you choose a different one. 
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To print to a desktop printer, you may use the traditional Print command 
under an application’s File menu bar item, or you can drag-and-drop the 
document you want printed directly onto the icon. 


During the printing process, your document is stored in a print queue. 
This queue can be controlled by double-clicking on the desktop printer 
icon. 


Pause Print Job 
Resume Print Job 
Schedule Print Job 


Delete Print Job 


2 teams 
Defautt Printer 


bs Ch.8 Misc. (OR) (print) Page: 1of1 Copies: | 
Status: processing job 


Queued Print Job 
Processing Print Job 


ScionNet Laser 


FIGURE 8-70: Working with the Desktop Print Monitor. 


When you select a desktop printer, a Printing menu item becomes active. 
Under Mac OS 8, you may also control the printer using contextual 
menus (clicking on the icon while holding down the Control key). 


If your computer is not equipped with desktop printing, the traditional 
Print Monitor will be activated during printing. It provides the same 
options as does the Desktop Print Monitor, but is accessible only under 
the Finder and only during printing. 


Chapter 8: AppleShare IP Client and User Support 437 


Using ColorSync 


If you are planning to print to a color printer, open the ColorSync control 
panel by choosing ColorSync System Profile in the Control Panels 
folder under the Apple (@) menu bar item. Here, use the Set Profile but- 
ton to choose the description that most closely matches your computer's 
monitor. 


Apple Multiple Scan 17 - 9300 


FIGURE 8-71: Setting the ColorSync System profile. 


ColorSync makes sure that the color in the document you print is as close 
as possible to the color you see on the screen. 


BASIC USER SUPPORT 


The audience for this section should be the AppleShare administrator. 
Here J will return to the discussion of AppleShare IP management. 


Managing Share Points 


To AppleShare users, the server is visible only as a set of named volumes. 
Since this is as much of AppleShare as they will ever see, you should set 
up your server's share points carefully in order to reduce possible confu- 
sion. 
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Some AppleShare administrators share the server's entire hard disk. This 
provides users with the greatest autonomy, as they are free to create fold- 
ers wherever they please within the server's file structure and they have 
only one volume to mount on their desktops. More often, however, 
administrators will use multiple shared volumes to host different types of 
data made available to different groups of users. This is generally more 
convenient for users, as they can navigate a volume of data that is useful 
to them without first having to locate it among the folders and files 
belonging to others. It also provides data security. Only those who 
should be allowed to use a particular volume’s data are given access priv- 
ileges to it. 


Naming Strategies 


Plan ahead and deploy shared volumes that will be the most convenient 
for your users to work with. I have seen many different strategies 
employed and all are unique to the type of work the organizations per- 
form. Following are a few volume naming strategies that I see repeatedly. 


Network install. 1 you do not employ an automated software distri- 
bution tool on your network, such as Datawatch’s netOctopus or Wave 
Research’s FileWave, the next best thing is a network installation volume. 
This is a folder on the server that users can look to for the latest versions 
of applications, updaters, and critical software components. 


b Approved Applications 


> te | Approved Fonts 
D Cy Required Applications 
> te | System Software 


FIGURE 8-72: Creating a network installation share point. 
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Staff folders. People like to have a place of their own on the server, 
especially if hard disk space is scarce on their workstations. You could 
create a private share point for each user, but depending on the size of 
your organization, that might make scrolling through the log-on dialog 
box an overly lengthy process. Instead, create a share point that contains 
folders for each user. 


Staff Folders 2 9] 


6 tems, 1 GBavailable 


| 
a 
Svea ee a 


FIGURE 8-73: Creating a staff folders share point. 


To give users peace of mind, you can make them the owners of their fold- 
ers and give a group of their co-workers write-only access. That way, co- 
workers can drop files into the folder but cannot see what else is in it. 


Applications. If you are going to allow users to run some applica- 
tions from the server, you can create a volume specifically for these pro- 
grams. The folders within can be listed in alphabetical order (“A-D,” “E- 
H,” and so on), or perhaps by application type (“Word Processing,” 
“Desktop Publishing,” “CAD,” etc.). 


Departmental folders. f your organization can be described in 
terms of clearly delineated departments and job functions, you can use 
these divisions as a share point naming convention. Give each depart- 
ment its own folder; then store the data and applications unique to each 
department there. 


Project folders. For some organizations it makes more sense to cre- 
ate share points for each project rather than each department, especially 
when everyone needs access to the same data. 
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Contractor’s folders. Many organizations are reluctant to give 
temporary employees and subcontractors access to the same data that 
their regular employees can see. Such organizations restrict temporary 
workers to a share point of their own. 


Access Strategies 


In creating your share points, you will need to assign access privileges to 
them. By default, the server machine’s owner (as entered in the File Shar- 
ing or Sharing Setup control panel) owns all folders when the server 
starts up, and no other access privileges are specified. In my experience, it 
is best to leave the administrator as owner of most folders. Whoever 
owns a folder can change its access privileges at any time, and that is a 
responsibility best left in the administrator’s hands. 


@ Use enclosing item's privileges 
@ Set privileges for this item 
@® Make this o share potnt and set privileges 


(cal Users & Groups List 
Ovner: | @ Amin 7 Sg [+)} 


| User /Greup: [ (@ Seton Peopte [¥ [y) 


Everyone: i [y] 


Make all enclosed folders like this one 


(_] Can't move, reneme, or delete this folder 


FIGURE 8-74: Working with access categories. 


If there is highly secret data on your server, or if the network is connected 
to the Internet, the Everyone category and the guest user account should 
be used only with the understanding that they apply to anyone. In other 
words, they provide access privileges to strangers. 
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If the owner privileges are assigned to the administrator and the Every- 
one category is used only for a few public folders, there is but one cate- 
gory to accommodate all of your network’s users and groups. What if you 
want to assign access privileges to two users or two groups in the same 
folder? 


You will almost never assign just one user to the User/Group category. 
The one time this is useful is when you create a private folder for some- 
one. In most cases, the User/Group category will always contain a group. 


If your share points are well organized, you can simply create groups for 
each of them. For example, perhaps you have an “Accounting” share 
point. Create an “Accounting” group also and add everyone from the 
accounting department to it. Are there a couple of people from the man- 
agement who should also be given access? No problem. Add them to the 
accounting group as well. Users can be members of many different 
groups. 


What if you want everyone in the organization to have access to a given 
folder, prohibiting access to strangers only? You should not assign privi- 
leges to the Everyone category if guest access is enabled, but you can cre- 
ate a group that contains all of your users and name it something like “All 
Users.” If you do not enable guest access, you can use the Everyone cate- 
gory as it was intended: “everyone who is a registered user” rather than 
“anyone.” 


Working with Share Points 


When you have established your server’s share points, you will have sev- 
eral special options for managing them. 


Share points within share points. To create a Share point, select 
a folder or disk in the Web & File Server Admin’s Disks & Share Points 
window and enable the Make this a share point and set privileges 
checkbox. 
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Select Privileges 


| @ Use enctosing item's privileges 
| @ Set privileges for this item 
@ Make this 6 share point end set privileges 


otter 


Show Lisers & Groups List 


Owner: 69 Admin 


User /Greup: & Scion People 


Everyone: 


Make all enclosed folders like this one 


(J Can't move, reneme, or delete this folder 


FIGURE 8-75: Creating a share point. 


You cannot create a share point within a share point. All folders contained 
within the share point are shared, but they do not appear as separate vol- 
umes in the AppleShare client log-on dialog box. They adopt the access 
privileges of the enclosing share point. 


In Figure 8-76, I have decided to share the Clip Art folder that resides 
within the Claris Home Page folder. Although the Applications folder 
contains this folder, it is not shared and it cannot be shared unless I 
“unshare” the Clip Art folder. The Super Sampler folder is shared 
because it is inside the Clip Art share point. It cannot be made a share 
point on its own unless I unshare the Clip Art folder or remove the Super 
Sampler folder from it. 
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disk 
te | Apple Extras folder 
GY AppleShare IP 5.0 folder 
ey | AppleShare IP Mail Folder folder 


a _AppleShare IP Workstation folder 
wh Applications folder 
La Claris Home Pate 2.0 folder 
So Cls Home Pat application program 
shared folder 
wi Claris Clipaé folder 
2D Clip Art Librar Claris Home Page document 
[) clip art Library 2 Claris Home Page document 
[|] Little Men Studio Libra Claris Home Pages document 
[7} Little Men Studio Products Claris Home Page document 
|) Jittleheader ai Claris Home Page document 
RY SUPER SAMPLER v1 D> Fhe 
a lp Bee a Se DD - - = 0 Y ‘it 
Not Shared 
Share Point 
Shared 


FIGURE 8-76: Shared folder within a share point. 


This way, a user will be able to mount the Clip Art folder on the desktop 
and work with all of its folders. They would neither see nor be able to 
work with anything else in the enclosing Claris Home Page folder or 
Applications folder. 


Inherited versus explicit privileges. When you share a folder, it 
adopts the access privileges of its enclosing folder by default. These are 
said to be inherited privileges. Whatever values were established in the 
Owner and User/Group categories of the share point will be used by the 
share point’s subfolders unless you change them. 


When you change the access privileges of a subfolder, you are setting 
explicit privileges. This is done in the subfolder’s Privileges dialog box by 
enabling the Set privileges for this item checkbox. 
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Select Privileges .. ... ... 


er 


ee an eed aa an ort i eos 
| @ Set privileges for this item 


| Gy Bid set privileges 


Show Users & Groups List 


Gwner: (9 TomDell 
User/Group: [ [% Scion People 


Everyone: 


Make all enclosed folders like this one 


| [EJ] Can't move, rename, or delete this folder 


FIGURE 8-77: Setting explicit privileges. 


When you move a folder that has inherited privileges into another folder, 
its privileges will change to those of the enclosing folder. When you move 
a folder that has explicit privileges, those privileges remain constant no 
matter where it is located. 


In Figure 8-78, I have selected two folders. The All Users folder has inher- 
ited privileges and so adopts the privileges of the Staff folder’s share 
point. The Tom folder has explicit privileges. 
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Select Privileges 
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@ Set privileges for this item 
@ Make this a share point end set privileges 
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Everyone: 


FIGURE 8-78: Inherited and explicit access privileges within the staff folders 
share point. 


Now I move these folders to the New Division folder. The All Users 
folder changes to adopt the access privileges of its new enclosing folder. 
The access privileges of the Tom folder, however, remain the same. 
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Select Privileges 
@ Use enclosing item's privileges 
Set privileges for this item 

_ @ Make this e shere point and set privileges 


Show Users & Groups List 
Qvner: =i) Admin y [~] 
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Vv | New Division 


> Q@@ allusers 

> @& Tom 

dD KEY Pu 

Db {CY Stott Fotders Select Privileges 
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Make this a shere point and set privileges 


Show Users & Groups List 


Over: | @ Tom Dell en [~] 
User /Greup: [ ( Seton People wz [y] 
Everyone: [= had 


Make al} enclosed foldera like this one 


(_] Can't move, rename, or delete this folder 


FIGURE 8-79: Inherited and explicit access privileges within the new division 
share point. 


You may change a folder that has explicit privileges to use inherited priv- 
ileges, which will cause the folder’s subfolders to adopt the inherited 
privileges as well. To do this, enable the Use enclosing item’s privileges 
checkbox. 
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FIGURE 8-80: Setting inherited privileges. 


Forcing enclosed privileges. As you can set either inherited or 
explicit privileges for a folder, you can force the folders within it to use 
these same privileges by pressing the Make enclosed folders like this 
one button in the Privileges dialog box. You will be presented with a dia- 
log box in which to verify your intentions. 
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Select Privileges 
— & Use enciosing item's privileges 
@ Set privileges for this item 
@ Make this e share point and set privileges 
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within this Item? 
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If you hold down the Option key while you press the Make enclosed 
folders like this one button, you will be presented with a different dialog 
box in which you can change the default behavior of AppleShare when 
the folder is moved. If you want the folder’s subfolders to adopt the same 
inherited access privileges, enable the top button. If you want the sub- 
folders to maintain explicit privileges, enable the bottom button. 
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Enclosing folder: An Users . 
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FIGURE 8-82: Forcing inherited or explicit privileges on enclosed folders. 


Unsharing a share point. To make a share point inaccessible to 
users, simply enable the Use enclosing item’s privileges checkbox in its 
Privileges dialog box. Since the share point’s enclosing folder or disk is 
not shared (because you cannot create a share point within a share point), 
it will adopt the condition of being not shared. 


Locking shared folders. While AppleShare is running you can 
lock a server folder so that it cannot be moved, renamed, or deleted by 
enabling the Can’t move, rename or delete this folder checkbox in the 
Privileges dialog box. This restriction will even apply to the folder’s 
owner. The folder can still be copied or opened by anyone with sufficient 
access privileges. 
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Select Privileges 


@ Use enclosing item's privileges 
@ Set privileges for this item 


User /Group: Ee) Scion People 


Everyone: 


FIGURE 8-83: Locking a shared folder. 


Copy protecting files. You cannot restrict users from copying fold- 
ers, but you can copy protect files. To do this, double-click on a file you 
wish to copy protect in the Disks & Share Points window. In the dialog 
box that appears, select the Copy Protect checkbox. 
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FIGURE 8-84: Selecting a file for copy protection. 
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FIGURE 8-85: Enabling copy protection. 


Locking files. You can lock a file so that it cannot be moved, 
renamed, or deleted while AppleShare is running. To do this, double- 
click on a file you wish to lock in the Disks & Share Points window. In the 
dialog box that appears, select the Locked checkbox. 


FIGURE 8-86: Locking a file. 


This restriction also applies to the file’s owner. However, the file can still 
be copied and opened by anyone with sufficient access privileges unless 
the Copy Protect checkbox is also selected. 


Users can also lock their own files in the Finder. This is done by selecting 
a file, choosing the Get Info command under the File menu bar item, and 
then enabling the Locked checkbox. 
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Picture 1 Info 


Picture 1 


Kind: SimpleText document 
Size: 39K on disk (32,784 bytes) 


Where: Macintosh HD: 


Created: Sun, Aug 10, 1997, 9:36 AM 
Medified: Sun, Aug 10, 1997, 9:36AM 
VYersten: n/a 


FIGURE 8-87: Locking a file through the Finder. 


To delete a locked file from the server volume, either unlock it or hold 
down the Option key as you empty the Trash. 


Limiting program use. You may limit the number of people who 
can run an application simultaneously in order to ensure compliance 
with a concurrent user or “site” license. To do this, double-click on an 
application file that you wish to restrict in the Disks & Share Points win- 
dow. 


In the dialog box that appears, enter the number permitted by the appli- 
cation’s licensing agreement in the Application’s concurrent user limit 
field. Once the limit is reached, the next user who attempts to launch the 
application will be told to try again later. 
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FIGURE 8-88: Limiting file use. 


Using AppleShare Client Setup 


AppleShare Client Setup is a special utility that can be used by an admin- 
istrator to modify the behavior of AppleShare clients. 


£) ===> AppleShare Client Setup === B 


AppleShere Client Setup 
for AppleShare Chooser Extension 


Yersion String: 3.7.1 


Modification Dete: Wed, May 28, 1997 


Gestalt : F0010006 
Has Config Resources : Yes 
Supports AppleShere over TCP/IP Yes 
Yolume Mount Ul : Yes 
Multi requests : Yes 


FIGURE 8-89: Settings under the Info pop-up menu. 
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Under the Info pop-up menu you can obtain information about the ver- 
sion of the AppleShare IP client that is running on a given machine. 


EE} === appleShare Gient Setup = | 


AppleShere Client Setup 
for AppleShere Chooser Extension 


Alert Timeout Messages 
Dismiss Dielog efter: [| Seconds 


CJ Server Greeting 

Ci Server Message 

CJ Server is Shutting Down 

CJ Server hes Shut Down 

CJ Server Shutdown Cancelled 

(J User wil! be Disconnected 

([] User has been Disconnected 

Cj User Disconnect Cancelled 

CJ Server Unexpected!y Shut Down 


FIGURE 8-90: Settings under the Dialogs pop-up menu. 


Under the Dialogs pop-up menu you can specify the maximum time that 
will be allowed to elapse before the server status dialog box is dismissed. 
By default, these dialog boxes are dismissed manually. By using this fea- 
ture you can ensure that the machines you rarely interact with, such as 
dedicated servers, are not held up waiting for someone to press the OK 
button every time the server generates a dialog box. 
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E] ===> AppleShare Gient Setup 2 


AppleShare Client Setup 
for AppleShare Chooser Extension 


Features 2 
Mount Yolume at System Startup 
Eneble user to save pessword 
Disable Login Greeting for: 


[] Yolumes Mounted at Startup 
[] Yotumes Mounted via the Chooser 
[] Yotumes Mounted via Aliases 


Eneble Server Messages 
Eneble Server Notifications 


FIGURE 8-91: Settings under the Features pop-up menu. 


Under the Features pop-up menu, you can restrict the client’s ability to 
receive server status dialog boxes. You can also remove the client's ability 
to save user passwords and to mount volumes automatically at startup. 
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AppieShere Client Setup 
for AppteShere Chooser Extension 


Atelk Lookup Timeout Seconds 


TCP Lookup Timeout Seconds 

4 Yerify TCP Address with Ping 

(J Notify user if TCP connect feils 

TCP Connect Timeout: Seconds 
Tiekle Timer : Seconds 

Default TCP/IP Port 

TCP Buffere per session 


Restore Default Settings 


FIGURE 8-92: Settings under the Network pop-up menu. 


Under the Network pop-up menu, you can adjust the amount of time the 
AppleShare client will wait for a response from a server before giving up 
on the connection. This can be particularly useful when applied to certain 
problematic computers that may be attached to the far reaches of the net- 
work, or that reside on a network composed of poor-quality cabling. 


Chapter 8: AppleShare IP Client and User Support ¢ 457 


AppleShere Client Setup 
for AppleShare Chooser Extension 


Finder Cacte 

Eneble Reed Ahead Cache 

Enable Write Behind Cache 
Number of Cache Buffers: 

Coche Buffer Size: 256k 
Cache Memory: 76Bk 


is + 


FIGURE 8-93: Settings under the Cache pop-up menu. 


Under the Cache pop-up menu, you can experiment with the AppleShare 
client’s memory cache in order to improve the speed of file transfers. 


ADVANCED USER SUPPORT 


If you read through the first section of this chapter, the thought might 
have crossed your mind that deploying AppleShare IP takes a lot of work 
at the client end. To properly deploy AppleShare IP, you should make 
sure that: 


e All client computers have System 7.5.3 or newer installed. This is 
required for the AppleShare IP client. 
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e All client computers have Open Transport 1.1.2 or newer installed. 
This improves performance and is required for the AppleShare IP cli- 
ent. 


e All clients have the AppleShare IP client version 3.7 or newer 
installed. Older versions of the AppleShare client are supported, but 
they cannot use AFP/TCP. 


e If possible, all client computers will be upgraded to Mac OS 8 or 
newer. This will eliminate confusion that may be caused by the dif- 
fering access privileges used under System 7/AppleShare and Mac 
OS 8/ AppleShare IP. 


e All client computers have AppleTalk configured properly. 

e All client computers have TCP/IP configured properly. 

e All client computers have Internet Config installed and configured. 
e All client computers have a properly configured Web browser. 

e All client computers have a properly configured email client. 


e All client computers have certain Internet helper utilities, such as 
Aladdin's StuffIt Expander and DropStuff. 


e All client computers have the same versions of commonly used fonts. 
e All client workstations use the same printer drivers. 


e All client workstations use the correct PPDs. 


Daunted? You should be. Migrating to any new networked system can be 
a monumental task. If you leave users to sort out their own needs, you 
will make your life more difficult in the long term as they experience 
problem after frustrating problem. It takes a well-organized effort to 
bring networked computers up to a uniform level of reliable perfor- 
mance. 


Fortunately, there are network management tools that can reduce a 
migration that could take days to one that requires just minutes. The best 
of these tools are Dantz’ Retrospect, Datawatch’s netOctopus, Neon Soft- 
ware’s LANsurveyor, and Wave Research’s FileWave. Each works some- 
what differently and can be applied to different tasks, but any one of 
them will greatly ease your user support burden. I use them all regularly. 
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Scanning Workstations with LANsurveyor 


As I have shown you earlier in this book, LANsurveyor is a network 
mapping tool that presents the devices on your network as graphical 
objects attached to network segments. It is the best tool I have found for 
providing a holistic view of your network. 


LANsurveyor is not limited to a role of oversight, however. It can also be 
used to gather specific information about these network objects. For 
example, imagine that you want to know whether a given workstation 
has the AppleShare IP client installed. To begin, use LANsurveyor to gen- 
erate a map of your network; then double-click on the target worksta- 
tion’s icon. 
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Macintosh Finder ¥Yersion 8.0, Copyright Apple Computer, Inc. 1983-97 


Webmaster Printer Driver: LaserWriter 8 8.4.3, Copyright Apple Computer, Inc. 1983-97] 


Responder Yersion: 204 
AppleShare Yersion: 3.7.1 
AppleTalk Yersion: 60 

ROM Yersion: 125 


Tom’s PowerBoo 
503.3 


Juliana‘s PowerBoo! 
504.94 


AppleShare 5 Server 
500.237 


FIGURE 8-94: Getting information for a mapped object. 
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LANsurveyor presents a window in which detailed information relating 
to the selected computer is shown, not the least of which is the Apple- 
Share version. 


If you have many computers to scan, it might be easier to generate a 
report of all workstation configurations on the network. Choose the 
Select End Nodes command from the Navigate menu bar item to high- 
light the computers. 


Webmaster 
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247 SS. 
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161 \@NT 
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Wliana's PowerBook 
504.94 


cionNet Laser 
100.154 


etopia 
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FIGURE 8-95: Selecting end nodes for inclusion in a report. 


Next, select the New template command from the Reports menu bar item 
to create a new report. You may choose the criteria you wish to scan for 
by using the Add Fields button. 
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Report Column Selection 


Category: |AppleShare Data ~ 


Machine Type 
Guest Access 


Webmaster 
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Tom's PowerBoo 
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FIGURE 8-96: Establishing scanning criteria. 


When you have chosen the combination of configuration data that you 
wish to view and have arranged it in columns, press the Run Report but- 
ton to complete the report. 
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FIGURE 8-97: Generating a report. 
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Imagine how long it would take you to find this information if you were 
required to visit each computer personally. With LANsurveyor, you get 
complete and accurate information in seconds. 


Managing Workstations with netOctopus 


Datawatch Corp.’s netOctopus is an impressive workstation management 
utility. Its system uses a small agent application that is installed on user 
workstations and a console that is installed on the administrator’s work- 
station. 


Administrator can: 
[x] Send information [XJ Updete/Instell 


[X] Search HD [XJ Delete Files 


BX] netOctopus Agent active 
[_] Notify me if Agent cannot loed 


© 1995-1997 Detewatch Corporetion 


FIGURE 8-98: Viewing the netOctopus agent on a workstation. 


With netOctopus, you can query a workstation for just about any infor- 
mation. Hardware, software, configurations—it’s all there. 
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information items 


FIGURE 8-99: Querying workstation data with netOctopus. 


More impressive still, you can change it. For example, imagine that you 
know there are numerous computers on the network that have not been 
configured to use TCP/IP. Rather than taking the time to go to each 
workstation, you can do it remotely with netOctopus. Choose a worksta- 
tion in the Computers window, then select the Change TCP Information 
command from the Commands menu bar item. 
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wv 


Commend description: | Chenge TCP Information 
(] Scheduled for: 8/12/97 


FIGURE 8-100: Configuring a workstation’s TCP/IP settings remotely. 


netOctopus lets you do almost anything remotely, from your own desk, 
that can be done while sitting in front of a user’s workstation. Projects 
that used to require weeks and extra personnel can be reduced to brief 
tasks. 


Managing Workstations with FileWave 


Wave Research’s FileWave and its companion program Asset Trustee 
have many of the same capabilities of netOctopus, but they use a different 
paradigm. netOctopus is primarily an active management tool. Adminis- 
trators use it when they wish to install a specific piece of software, per- 
form a specific function, or obtain a specific kind of data. Wave 
Research’s products have been created for administrators who wish to 
take a more automated approach to network configuration. Administra- 
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tors set up FileWave once to reflect what they want installed on net- 
worked workstations, and the system performs the task—however 
lengthy—from that point on. Asset Trustee gathers workstation informa- 
tion automatically and stores it in a database that can be queried via a 
built-in Web server. 


By way of example, imagine that you wish to install an email client on all 
of your workstations. First you use the FileWave Administrator applica- 
tion to log in to a FileWave Repository Server via the Chooser and mount 
its server volume. This might sound like AppleShare, but the resem- 
blance is superficial. FileWave actually uses the Finder in very different 
ways. 


Double-click on the Repository Server volume to open it and you will 
find that it contains icons for users and files. These two icons contain the 
user models and the file models that you create and manage and that deter- 
mine what FileWave will distribute and to whom. 


a@ee2 Our Master FileWave Server saa—i 


Our Master Filewave Server 


FIGURE 8-101: Opening the mounted Repository Server volume. 


Wave Research includes a demonstration model for distributing an appli- 
cation called MenuMail. You can see this by double-clicking on the Files 
icon in the Repository volume window. 
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5 items 214.9 MB in disk 33.8 MB available 


Target Locatigns Regovered Files File Status Attributes 


FIGURE 8-102: Locating MenuMail inside the Files icon. 


Double-click on the MenuMail icon to see the set of files that are to be dis- 
tributed. This is called a FileSet. 


MenuMail 
Len items 214.9 MB i in disk 
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Read me first ! <MenuMail Users > File Status Attributes 


FIGURE 8-103: Viewing files in the MenuMail FileSet. 


Before this FileSet can be distributed, FileWave must know to whom it 
will go. Destinations are established in user groups. Double-click on the 
Users icon in the Repository volume window. In the Users window you 
will see several user groups, including one that Wave Research created 
for MenuMail Users. The primary user group is “All Users.” 


214.9 MB in disk 33.8 MB available 


ew Users TreeView MenuMail Users ne 


Prebuild Users 


FIGURE 8-104: Working with user groups. 
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FIGURE 8-105: Dragging “Tom” into the MenuMail User Group window. 


Drag the icons of those users on whose workstations you want the email 
client installed from the All Users window into the MenuMail Users win- 
dow while simultaneously holding down the Command (3) key. Then 
close all open windows and select the FW menu bar item that appears on 
the administrator’s computer. Here choose the Update Server Model 
command. That is it as far you are concerned! 


At the users’ end, a FileWave user application is installed on their work- 
stations. It is in constant communication with the Repository Server so 
that when a new installation becomes available, it is completed in the 
background (although users can monitor the process in the FileWave 
application). 


=== FileWave Status SS 


FIGURE 8-106: File installation can be viewed using the FileWave user 
application. 


When completed, FileWave will notify the user if the Macintosh must be 
restarted for parts of the application to be loaded. 
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Se ee er cuca ati ation avctapcanene Staats 
Some system files were added or replaced. Please 
restart your Macintosh as soon as possibile to activate 


the changes. 


FIGURE 8-107: FileWave notifies a user when a restart is required. 


One of my favorite features of FileWave is its ability to perform seem- 
ingly simultaneous upgrades. Imagine that you do not want users to use 
the email client until after a training session. You can direct FileWave to 
distribute the application but to make it invisible until the training ses- 
sion is complete. When users return to their desks, they find that the new 
software that they just learned all about has magically appeared on their 
hard drives! 


Before you distribute software, you will usually need to examine your 
network's workstations to make sure they meet the minimum system 
requirements and to determine how many licenses you should buy. This 
is where the Asset Trustee component comes in handy. It is a comprehen- 
sive database that is constantly updated by the FileWave user software to 
record workstation configurations. 
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fashboourd — 


FIGURE 8-108: Opening Asset Trustee’s Dashboard. 


The various computer systems in the data file can be viewed as a list. 


ri! ; ee fo . 
_|Mac SE, 2/20, imageWriter I! 
{Mac SE, 2/40, ImageWriterLQ 
‘IMac SE/30, 4/60 KRISTIANSEN, Ingrid 
Spares system for unused items _ JORDAN, Michael 
JProken or discarded items _ Me JORDAN, Michael : 
Mae. ici 4/80 __ISCHWARZENEGGER, Art” 
_ [Mac lifx, 4/80, 2-Page Display GRIFFITH, Florence 
Mac ilci, "2740 ane amesien MCDOWELL, Malcolm 
Mac SE, “25/20. a BAUM, L. Frank 
__ [Mac SE/30 2/40 ———i‘(C*C*C*SWIILLIAAMS, Varnes 
{Mae tici, 4/80 ~  — _SOYNER, Jacki 


|VONNEGUT Kurt 


at feLKD, Earnest J. 


FIGURE 8-109: Generating a systems list view. 
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Each computer in the list can be queried further for greater detail. 


—————— i Entry for Systems 


SCANNED NUBUS CARDS: 2 [~ 


CARD NAME MANUF ACTURER VERSION 
Mae | Il High-Resolution Video Card Apple. ameter. svssectntecerineceevetencerttaneef the Nettan iebanieceacsutnat 
t 


FIGURE 8-110: Viewing data for the System in detail view. 


This data can be sorted and viewed in a number of report formats. For 
example, how about a pie chart showing the total hardware expenditures 
in Apple products for each department? 
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FIGURE 8-111: Generating a pie chart of hardware expenditures for each 
department. 


Finally, all of this data can be made available to selected users over the 
Web or your Intranet using Asset Trustee’s built-in Web server. 


24S = ~Netscap pe: Asset Trustee Home Pay ye —EE BS 
Location: {http ://38.247. 58.200/ 


Home || Systems | Hardware | HW Catalog | SW Catalog ff 
. ns | acters | cana fea | Cc 


Welcome to Asset Trustee 


“Srfky| http ://38.247.58.200/4D acgigGear chGcreen.S 


FIGURE 8-112: Accessing the Asset Trustee database with a Web browser. 
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Once you have FileWave and Asset Trustee configured and running, you 
can rest assured that your users will be well cared for. Even if they delete 
applications or files accidentally, they are protected. FileWave will auto- 
matically re-install them. 


Protecting Workstations with Retrospect 
Client 


I find that most administrators are wise enough to back up their Apple- 
Share servers using Dantz’ Retrospect. I am often surprised, however, at 
how many fail to extend this service to the desktops of their users. Using 
the Retrospect client, you can back up all the data on your network 
whether or not it has been copied to the file server. 


Consider the rotational backup script I described in Chapter 4. To add 
your users’ hard disks to the backup, you must first install the Retrospect 
client on each computer. 


E) ==> -netrospect Cient === By} 


Lf watt at Shutdown 


Histery (A Run jn Background : 
$/9/97 10:07 PM: Seript “Daily 
Backup” (Admin): Macintosh HD, Pricrity Fw 7 4 
completed successfully User 9 @ Back 


Access [_] Read Access Only 
Restrictions §=— I private Files/Folders/Volumes 
name begins or ends with © (Option-@) 


Netifteation [YP Notify After Backup 
[Arnotity tne Backup in [7 | ays 


FIGURE 8-113: Viewing the Retrospect client from the workstation. 
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Next, launch Retrospect and select the Configure tab in the Retrospect 
Directory window. Here, press the Clients button. 


Set up Retrospect clients on the network 


StorageSets and catalogs 

View and asks. aaa hail 
Storage devices and media 

Access backup devices and SCSI; prepare media 


Configure volumes and view contents 


FIGURE 8-114: Configuring clients within Retrospect. 


If there are any clients already configured on your network, they will 
appear in the Client Database window. To find newly installed but not 
yet configured clients, press the Network button. 


a Juliana's PowerBook 


@ smte/rop 
GB Tom's PowerBook 


FIGURE 8-115: Previously activated clients in the Client Database window. 
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Retrospect can back up Mac OS computers over either AppleTalk or 
TCP/IP, and Windows-based computers as well. 


Select a client: 
[*] Juliana’s PowerBook Responding 


FIGURE 8-116: Searching for AppleTalk-based Retrospect clients. 


You can configure clients to back up only certain folders or volumes, but 
it is usually best to back up entire hard disks. That way you can restore 
entire volumes should the hard disks on which they reside fail. 


(=) Tom's PowerBook 


f__ Gener) \/ Configure 


Configure Client... 
Changes are saved immediately in the client and cannot be canceled. 


Client Name: Tom's PowerBook 


Security: Has a security code. 


Clock Offset: -7:02 


Version: 4.0 


FIGURE 8-117: Configuring a Retrospect client. 
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Once the workstations have been activated with a serial number and 
added to the Client Database, they can be added as sources to the backup 
script as easily as if they were local server hard disks. 


Destinations (—) EB StorageSet A 
. BB StorageSet 8 

(Ee StorageSet C 

(Ee StorageSet D 


Selectiog (_) 


Normal Backup to G3 SterageSet A 
8/13/97 10:00PM 

8/14/97 10:00PM 

8/15/97 10:00PM 

8/16/97 10:00 PM. Normal Backup to Gi) SterageSet A 
8/17/97 10:00PM Full Backup to SJ SterageSet B 


FIGURE 8-118: Adding workstations as sources in the backup script. 


Imagine that one of these workstation hard disks has crashed. You can 
have its user up and running again in minutes. 

Install a new hard disk. 

Install a basic System Folder. 

Install a Retrospect Client into the System Folder. 


eS 


Restore the workstation’s last backup onto the new hard disk via the 
network. 


5. Throw away the basic System Folder and boot from the old one. 


The user will have lost whatever data was created between the time of the 
last backup and the hard disk crash, but that is all. All other documents, 
applications, system preferences, and file sharing access privileges can be 
restored. 
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This method works nicely when installing new workstations as well. 
Configure one workstation the way you want it. Back it up. Restore this 
backup to other new workstation hard disks. Then all you have to do is 
“tweak” the new computers with the correct user names, software serial 
numbers, and network configurations. 


SUMMARY 


In order to use the AppleShare IP Client, users’ workstations need to be 
configured to use Open Transport networking. This may require the 
additional configuration of AppleTalk and TCP/IP. Users may then 
install the AppleShare IP Client from diskette or from a server volume. 


To use the AppleShare IP Client properly, users need to be familiar with 
the server log-on process and AppleShare access privileges. They will 
also find it helpful to understand the use of Personal File Sharing, Per- 
sonal Web Sharing, Web browsers, email clients, network printers, and 
server-based print queues. 


Basic user support involves the configuration of server share points as 
well as the establishment of user and group accounts. Server volumes 
should be shared with security and user convenience foremost in mind. 


The behavior of the AppleShare IP client can be modified using a special 
setup utility. 


A lot of software must be installed and properly configured on user 
workstations if users are to take full advantage of the AppleShare IP 
server. Fortunately, advanced networking tools such as Datawatch’s 
netOctopus, Neon Software’s LANsurveyor, and Wave Research’s File- 
Wave/ Asset Trustee make this work easy. The work can be protected by 
extending Dantz’ Retrospect to perform workstation backups. 


Server Manager 


If you are using one server to support a small group of users, Apple- 
Share IP Manager and its modules might be all you need to manage 
that server. However, if you have more than one AppleShare server 
or manage more than two dozen user accounts, you will want to step 
up to Server Manager. 


Server Manager, created by Santorini Consulting and Design, Inc., 
makes it possible for administrators to manage multiple AppleShare 
3.x and 4.x and AppleShare IP servers from a remote Macintosh. It 
permits access to the same control functions that AppleShare Admin 
and AppleShare IP Manager do and adds a good many more. While 
this appeals to administrators of larger networks in particular, many 
workgroup administrators also prefer to use Server Manager over 
Apple’s AppleShare applications because of its attractive interface 
and expanded capabilities. 
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o— Sd a tel 


ee eed Sn ee red ee 
2 AppleShare 3 Server: Monitor @ Control ——— 


Hardware information 
Machine type is Macintosh 


Processor is 68020 
FPL is 68882 
¥Yersion Information 
System version is 7.5.5 


connections 
-ourrent: 2 
average: 0 
max; 2 


hal 10:21AM [Gh, 26m} 432M Pare i 
(B Tom Den Sat, Mav 15, 1997 ME ca Mmacintosh lei HD 86s.0 ; 


‘ 10:20 AM [Oh, 32m] 
(Ch) Garrett Dell Sot, Mar 15, 1997 


FIGURE 9-1: Server Manager’s feature-rich interface. 


Among Server Manager’s capabilities are: 


The ability to detect AppleShare bombs, low hard disk space, incon- 
sistent clocks, overdue backups, idle users, excessive file transfer 
activity, and other problems. In some cases Server Manager can 
respond automatically when problems are detected. For example, it 
can disconnect idle users after a given time. In other cases it can 
notify you with audible alarms, dialog boxes, email messages, or 
pager calls. 


The ability to log important server events continuously and make this 
information available for analysis in a tab-delimited text file. This 
supplements the extensive information Server Manager displays on 
screen, as shown in Figure 9-1. 


The ability to perform basic tasks remotely, such as starting and stop- 
ping services, adding and editing user and group accounts, changing 
AppleShare preferences, and rebooting the Macintosh server. In 
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addition to being convenient, Server Manager can provide a new 
level of host security. For the ultimate in safety you can remove your 
servers’ keyboards and monitors and lock the CPUs away in data 
closets. When you need to work with them, you can do so from your 
own desktop. 


e The ability to manage multiple servers as a whole. You can work 
simultaneously with each AppleShare server you have in Server 
Manager. You can even copy and paste users and groups between 
one AppleShare server and another. 


e The ability to manage everything from one console. If you are not 
altogether thrilled with Apple’s OpenDoc paradigm and prefer to 
launch one application instead of seven, Server Manager permits you 
to stick with one familiar interface. 


If you purchased an Apple Workgroup Server in the past few years, you 
might find that you already have Server Manager. Its installation CD- 
ROM is bundled with Apple servers. If you do not have Server Manager 
yet, read through this chapter to find out if its features are right for you. 


INSTALLING SERVER MANAGER 


Server Manager has two components that you will find on the installation 
CD-ROM. The first is the Server Console application, which is installed on 
either an AppleShare server or a desktop Macintosh. The second is the 
Server Agent application, which must be installed on all of the AppleShare 
servers you wish to administer remotely. There is one version of the 
Server Agent for AppleShare 3.x or 4.x servers and another for Apple- 
Share IP. (The installation CD-ROM also includes the QuickMail Quick- 
Messenger System Extension. If you wish to receive alerts via CE 
Software’s QuickMail email system, you can install this on the computer 
running Server Manager.) 


How you install these components depends on how you intend to work 
with them. You must install the Server Agent on all of the AppleShare 
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servers you will be managing. The Server Console can also be installed on 
your AppleShare servers, in which case its Monitor & Control window 
(Figure 9-1) will give you a better idea of what is going on than Apple- 
Share’s windows will. Alternately, you can install the application on a 
remote Macintosh, in which case you will be able to find out what is 
going on with the servers throughout your organization without getting 
up from your desk. I recommend that you do both. 


Server Agent 


Server Console 


Installing Server Console 


Server Console runs under System 7.0 and above. It requires 1,500 Kbytes 
of RAM and takes up 1.5 Mbytes of hard drive space. Install it on a Mac- 
intosh with at least a 68030 processor, such as an SE/30 or a IIci. 


I recommend that you install one copy on each AppleShare server and 
leave it running there full-time so that it can notify you if problems occur. 
I further recommend that you install a copy on your desktop Macintosh. 
You can leave it running to monitor the workings of all your network's 
AppleShare servers, or you can launch it only when you have a specific 
task to perform. 


I keep a copy on my PowerBook. This gives me the ability to roam about 
without losing the capability of managing my company’s servers or those 
of my clients. Server Manager even works over ARA. J have often added 
user accounts to my servers from a hotel room or have analyzed the serv- 
ers of a client located half a continent away. 
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Installing Server Agent 


Server Agent and Server Agent IP require about 1,200 Kbytes of RAM 
and take up less than 500 Kbytes of hard drive space. Server Agent runs 
under System 7.0 and above; Server Agent IP runs under System 7.6 and 
above (since that is what AppleShare IP requires). 


You can install the appropriate version of Server Agent anywhere you 
want on a server’s hard drive, but I recommend that you put the applica- 
tion or an alias of it in the Startup Items folder of the System Folder so 
that it launches itself whenever the servers are restarted. 


You must shut down AppleShare 3.x/4.x for a few minutes in order to 
install Server Agent, because Server Agent installs many disabled user 
and group accounts in order to give itself administrator access to Apple- 
Share later on. 


Once you have copied Server Agent to the server’s hard drive, launch it. 
You will be prompted to enter the file server’s Admin Key (the same 
password you use to open AppleShare Admin or AppleShare IP Web & 
File Admin) as well as a serial number. You need a unique serial number 
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for each Server Agent you deploy. Press the Register button when you 
are done. 


Register iqet aS 


__sertatnumber{ 


If Server Agent has been correctly installed, the Agent Information win- 
dow will open, as shown in Figure 9-2. 


ent Information Sez 


& zl Version 4.0 
= ee © 1993-1997 Santorini Consulting & Design, inc 


Save Agent Error Log... 


AppleShare 3 Server 


Total Agent Memory: 
Agent Memory Usage: 


Agent Startup Time: 12:03 PM on Sat, Mar 15, 1997. 
Rumber of Calls: 0 
Connected Administrators: none. 


Agent Seria) Number = 0000-0000-0000-0000-0000 


Agent Error Log 


FIGURE 9-2: The Agent Information window. 


You may then launch AppleShare. 
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USING SERVER MANAGER DAILY 


In previous chapters I showed you how to use Santorini’s Server Man- 
ager and Server Tools applications for specific server administration 
tasks. Here I will go a bit deeper and show you how to use Server Man- 
ager’s monitoring capabilities on a daily basis. 


The way you configure Server Console for day-to-day use depends on 
whether you are running it on your servers locally or at your desktop 
remotely. Either way you will begin by working with the Servers win- 
dow. 


Using the Servers Window 


When you first launch Server Console it will not know which AppleShare 
servers contain Server Agent. You need to seek out this information by 
pressing the Add button in the Servers window. 


: == 3 a = 
| | 
z j 
a es 


- 


} 


| > 
Monitor & Control 


ae Ree cn ee Re ae a = 2 a 


=~ 


: ee | ee ee a a 


This will open a dialog box in which a list of zones found on your net- 
work appears. If you wish to work with only one server, select the zone in 
which it resides and enter that server’s name in the name field. When you 
first use Server Console, however, it is a good idea to make sure all of 
your Server Agents are properly installed and responding by choosing 
both the all zones and any name radio buttons. You may then press the 
Add button to proceed. 
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Find servers in © zone: |LocalTalk 
Management 
Marketing 
Production 
Public 


_@al all zones 


@ any name 


Searching for Server Agents in zone: 
Marketing 


The Server Agents it finds will appear in the Servers window. 


AppleShare 3 Server in Publio. 


AppleShare fs running normally. 


AppleShare 5 Server in Public. 
Pil File/Web service is on. Mail service is off. 
Print service is off. 


Verify that all of your Server-Agent-equipped servers appear in this win- 
dow. You may then remove any you do not wish to work with at the 
moment by selecting them in the Servers window and pressing the 
Remove button. This terminates the communication between Server Con- 
sole and its Server Agents. The connection can be restored using the Add 
button again. 
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You can direct Server Console to inform you when a server it has been 
out of contact with returns to service. This is done in the Server Console 
Preferences window accessed through the Server Console Prefs com- 
mand under the Edit menu bar item. 


=== Server Console Preferences ne 
~ Graph/Date Log Options ~~~: aa = 

| i Update graphs /data log every [s | minfs). Maintain "Sra hrs. of graph data. 
Bis Coy ages $s al data for for ‘period when this cor console wasn't Sat 


The Server window tells you what is going on with your servers at a 
glance. 


/ gears 3 Server in Public. 
o* AppleShare ts running normally. 


: oF perenne? meer et lh a x Pr aegoood 
Print service ts off. edo p>] + [epee 
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The list item for each server varies depending on whether it is running 
AppleShare 3.x/4.x or AppleShare IP. When all is well you will see the 
message “AppleShare is running normally” or “File/Web service is on.” 
Each list item also displays an icon for each service running on your 
server at any given time. On AppleShare 3.x/4.x servers, this will only be 
AppleShare, but on AppleShare IP servers, you can see which of the three 
primary applications are running: File & Web Server, Mail Server, and 
Print Server. You can also see if the File & Web Server’s FTP and HTTP 
(Web) functions are enabled. A service that is not running is grayed out 
(see the Print Server icon in the illustration). 


- oa 2 


AppleShare AppleShare IP 


If all is well, the Alarm Status pane is empty. When problems occur on a 
given server, its Server Agent reports them to Server Console, which then 
displays an icon in the Alarm Status pane. These icons denote the follow- 
ing situation or occurrences. 


Server is down. When you see this alarm it means that the server Macin- 
tosh has crashed, has been shut down, or has become disconnected from 
the network. You will need to visit the server to find out which. 


Service/AppleShare has been shut down. When you see this alarm it 
means that the AppleShare software is not running. In the case of Apple- 
Share IP, this could be the File & Web Server, Mail Server, or Print Server. 
In the case of AppleShare 3.x /4.x, it means only AppleShare File Server. 
The software could have bombed or someone might have quit out of it. 
You can restart it from Server Console, as I will show you further on. 


Total free disk space has fallen below 10%. This alarm means that the 
server's cumulative free disk space is less than a given percentage. Low 
disk space can cause crashes in applications that write temporary files to 
the hard disk as they run. This is a particular danger when the server is 
running a print queue. It can also cause errors when users attempt to 
copy files to the server. The threshold for triggering this alarm is user- 
definable from 1 to 50 percent. 


G+ 
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Free disk space on any volume has fallen below 10%. This alarm is the 
same as the previous one except that it pertains to individual volumes. 
Whenever you see either of these alarms, you should delete unnecessary 
files from the server to bring it back under the threshold, which is user- 
definable from 1 to 50 percent. 


The threshold you select should depend on the size of the server’s hard 
disk. If the server has a 500-Mbyte hard drive, the default setting will not 
make you aware of a problem until you are down to 50 Mbytes free space. 
It would only take a couple of users copying today’s 20-30-Mbyte appli- 
cations up to the server to deplete all the hard disk’s space. A threshold of 
at least 20 percent would be better. 


If the server has a 4-Gbyte hard drive, the default setting will make you 
aware of a problem when you are down to 400 Mbytes of free space. That 
should give you plenty of time to delete files or add storage space. 


Server time is off by 30 minutes. If you see this alarm, it means that the 
server and the Macintosh on which you are running Server Console are 
out-of-sync by a given number of minutes. Out-of-sync server times can 
confuse backup systems and users who depend on modification dates for 
document version control. You can correct this inconsistency with Server 
Console, as I will show you further on. This threshold is user-definable 
from 1 to 60 minutes. 


Backup is overdue by 100 hours. If you see this icon it means that your 
server's hard disk has not been copied to backup media in a given num- 
ber of hours. You will need to launch your backup software to find out 
why. This threshold is user-definable from 5 to 500 hours (21 days). The 
default setting takes weekends into account, a period of at least 48 hours 
when you might not back up the server. I believe in backing up servers 
each and every day, so I set this to 12 hours. Then I know if the backup 
failed the night before. 


Users/guests have been idle for 30 minutes. This alarm tells you that 
people who have been logged on to the server for a given amount of time 
are not using it for anything. Although harmless, these connections do 
contribute to the operational overhead of the server and usually should 
be closed. This can be done with Server Console, as I will show you fur- 
ther on. This threshold is user-definable from 15 to 2,760 minutes (46 
hours). 
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Users/guests have been connected for 3/1 hours. This alarm tells you 
that people have been logged on to the server for a given period of time 
without logging off. This could signal a security breach, as someone who 
is not authorized to be on the server might be able to use these Macin- 
toshes’ connections to gain access when their owners are away. They can 
be logged off with Server Console, as I will show you further on. This 
threshold is user-definable from 1 to 200 hours (8 days). 


Server activity has been more than 80% for 1 hour. If you see this alarm, 
the server might be overworked. Short bursts of high activity are 
expected with a server, but prolonged high activity slows network traffic 
and reduces the life span of storage media. You can use Server Console to 
determine how you might best redistribute files for load balancing. This 
threshold is user-definable from 25 to 100 percent and from 1 to 10 hours. 


Service/AppleShare error has occurred. When you see this alarm it 
means that the AppleShare software is having problems but is still run- 
ning. The file server application may be very low on memory, there may 
be corrupted files on the hard disk, or the application may have “hung.” 
You will probably need to restart the server, which you can do with 
Server Console, as I will show you. 


RAID error has occurred. When you see this alarm it means that a prob- 
lem has occurred with Apple RAID—the server's mirrored drives may be 
out of sync, for example. You will need to launch the Apple RAID soft- 
ware on the server to identify and correct the problem. 


The settings I showed you here are the defaults. Many of them can, and 
probably should, be changed to meet your particular needs. There are 
also several other procedures that Server Manager can follow when an 
error occurs besides just displaying an icon in Server Console. You can 
establish what parameters will trigger an error message, and what Server 
Manager will do about it, by pressing the Alarms button in the Servers 
window (or by choosing the Alarms command under the Servers win- 
dow’s Servers menu bar item). 
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Alarms 


ute 


qd 
Alarms... 


The Alarms window has three basic components: a check box that 
enables or disables a given alarm; a field in which to specify what event 
characteristics will trigger an alarm, where applicable; and a Respond by 
button, which will take you to a list of possible automated alarm reac- 
tions. 


GB i Server goes Gown. ooo. cccccecessesecsecesecceseneseneeeteoees | 
| Be Ry Fieswed service, Kmail service, DilPrint service goes down... (Respond by... ) | 
] gps [RQ Total tree disk space fatis to < [10]. oo. csccecsssecssecnseeeens | 

[X] Free disk space on any volume falls to < [10 |x. suhauacesdinasecoons | 
[i] Server time ts off by [30 Jing. ........csescseccsesceeserecseeeneeees | 
[J Backup ts overdue by [100] hrs. .........scsescsesseeseecsescneeevenes | 
[i] User(s) are idte[30_|mins. Guest(s) [30 | mins... | 
(2) User(s) are connected [3 | hrs. Guest(s) [1 Joes | 
| [a] Activity is more than [20] 56 for (1 ]ns. situs sseaneatasaaeves | 
By ERI A service error OCOUrS. o.....eececcccscesccesecsreseeesecscessentenses | 


SESTTT TTT TTT TUTE STIS SENT ETTaee Tc eeee SNeSE RENT NTIS TI 
(Cancel) = 


FIGURE 9-3: The Alarms window. 


I explained what Server Manager’s alarms mean. Now let me show you 
how you can program Server Console to respond to them. 


When you press the Respond by button next to a given alarm setting 
(Figure 9-3), the Responses window opens. Here you can use the check 
boxes to enable and disable various reactions. Double-click on any list 
item (or select an item and press the Options button) to make further 
choices. 
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m) 


Playing a sound 

This response plays a sound on the Macintosh speaker at the volume you 
set. Options available. 

Displaying a aotificatien dialog 

This response displays a dialog with a description of the problem that 
invoked it. Options available. 

Adding an entry to the alarm leg 

This response enters descriptive problem information to Server Manager's 
alarm log. No options available. 

Paging a pager 

This response uses Notify !™* or PageNOw!™ to page someone when they are 


Se weseeenan vee, 
es eeeeen heated 
fausaesunsdarsecs 


meee 


secnadingaheramnieend 
Bona ee os 
indecent misastat bases aaseeeen ese 
EE iy ag eT a aE SEES 


away from their computer. Options required. 

Sending a QuickMail™ message 

This response uses QuickMail™ to send someone mail with the problem 
description. Options required. 

Sending a PowerTalk™ message 

This response uses PowerTalk™ to send someone mail with the problem 


FIGURE 9-4: The Responses window. 


These responses include the following. 


Playing a sound. The most typical response to any error on a Macintosh, 
this check box is enabled by default. It causes Server Console to play a 
System 7 sound at the volume you specify whenever a problem occurs, 
which is useful if you have Server Console running on servers that are 
within earshot or on a monitor machine. You can choose the sound that is 
played by double-clicking on this list item or selecting it and pressing the 
Options button. 


SSS Sound Response Options Ss 


Simple Beep 


Cannot allow te happen 
Trek Doorbell 


boitesii tits toitt sss tess ttt sith iit ectast tbe citet otis titssiisitiiitrittetthitetitestiesetsectestisetitriiiitimisritet titsretritistiiitiistetti hey 


wien TB) 


SULSSUE ga Etre tnaetserteezsrassyegeyeusersrpyaeeyrenpsupsariasspaasrastrans rt 
SSUIIQDILGSaN esa desateasrenaseeatnaiteassannsanssranssansreeteeersessreei seas eeaseeaseerasnasseadbans pasa caea 
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Whenever I hear the voice of HAL from 2001: A Space Odyssey, I know I 
have problems. I use this only on a nearby dedicated monitor machine, 
because it is too annoying at my desktop. 


Displaying a notification dialog. Another typical Macintosh response, 
this feature is also enabled by default. It is useful if your AppleShare serv- 
ers are within sight and if you have Server Console running in the back- 
ground while you are doing something else on your desktop Macintosh. 
In the latter case, Server Console will flash a warning icon over the 
Finder. 


When you switch Server Console to the foreground to see what is wrong, 
it will show you the dialog box in which the problem and a suggested 
solution are described. 


Alert 
Total disk space is low. 


Explanation 

Free disk space has fallen to 10%. The alarm threshold you set was 20%. 
There are 214 Mbytes free (out of a total 2096 Mbytes on all server 
volumes). 


Consider empty ing network trash, clearing out old files, using compression 
utilities, or adding new storage media. 


Ptsisthetit-ristst itediteiisiitisietitesttetitittiti tert iat 


Problem Cleared 
Free disk space ts up to normal levels. 


This feature has its uses, but, to be honest, I find it irritating. The icons in 
the Server window are enough of an attention getter for me, so I disable 
this feature for all but Server goes down. 


If you decide to use this feature, you can choose whether or not these dia- 
log boxes will be displayed repeatedly and at what intervals. 
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: 
following r inder values: 
e. 


Number of repetitions: 
Repetition interval: min(s) 


¥ Adding an entry to the alarm log. This check box is also selected by 
default, and J recommend that you leave it enabled. It will record which 
error occurred, on which server, and when. 


To view this record, select Open alarm log under Server Console’s File 
menu bar item. 


— == So aa | a 


3/16/97 (i At least one user ts idle. 
3/16/97 Wh Services) are down. | 
3/16/97 Backup ts overdue on at least one eo 
3/16/97 Free disk space on all volumes ts up to . 
BN6/S7 Free disk space is up to normal levels. a 
3/16/97 Disk space (on one or more volumes) |! 

3/16/97 Total disk space is low. te 
3/16/97 Server ts back up. 


3/16/97 Free disk space is up to normal levels.[% 
3/16/97 Total disk space ts lw. i 
3/16/97 At least one user ts idle. 


3/16/97  AppleShare 5 Server Server ts down. 

3/15/97 — AppleShare 3 Server At least one user ts idle. 

3/15/97 — AppleShare 5 Server Server ts down. 

3/15/97 — AppleShare 5 Server Free disk space on all volumes ts up tof; 


at 
Bary 


3/15/97  AppleShare 5 Server Free disk space is up to normal levels. cy 


FIGURE 9-5: The Alarm Log window. 


Double-click on any item in the Alarm Log window (or select it and press 
the Explain button) for a description of that problem. 
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This server's volumes have never been backed up. 


Press the Clear button to empty the alarm log. You can also export this 
log as a tab-delimited text file by choosing the Export command under 
the Alarm Log menu bar item that is available when the Alarm Log win- 
dow is open. 


There are no options to set for this alarm response. 


Paging a pager. This response is useful if you roam about a building or 
campus and carry a pager. It requires that you have either the Notify or 
the PageNOW service and software. To enable it you must set its options 
to tell Server Console which software you use, what your subscriber ID is, 
and what it should say to you when triggered. 


er Response Options === 


Sending a QuickMail message. If your organization uses CE Software’s 
QuickMail and you have the QuickMessenger System Extension installed 
on the Server Console Macintosh, you can direct Server Manager to email 
you a message when there is a problem on one of the servers. Better still, 
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you can select multiple recipients for emergency email messages from 
any of QuickMail’s MailCenters, including gateway MailCenters. 


Sending a PowerTalk message. If your organization has never invested 
in an email system, you can still use this feature by deploying Apple’s no 
longer supported but free PowerTalk peer-to-peer email system. Simply 
install PowerTalk on your servers and on your desktop machine so the 
Server Console applications on each server can use Apple Open Collabora- 
tion Environment (AOCE) to send you a message each time a problem 
occurs. Like QuickMail, PowerTalk can use Internet and pager gateways 
to notify you of problems when you are away from your LAN. 


Speaking a message. If you enable this feature, Server Manager will 
make use of the Macintosh’s speech technology to tell you verbally when 
there is a problem. This is more useful than the simple beep. 


Launching a document, script, or application. Beyond simply informing 
you about a problem, Server Manager also gives you the ability to do 
something about it with this powerful item. For example, you could 
direct Server Manager to launch a document when the AppleShare appli- 
cation is quit that might describe just how much trouble the user who 
quit AppleShare is going to be in if the server does not come back up fast! 
A more serious example: You might direct Server Manager to run an 
AppleScript that deletes certain expendable files when the server runs 
low on hard disk space. Finally, you can direct Server Manager to launch 
an application when a threshold is met, perhaps Dantz’s Retrospect or 
one of Santorini’s Server Tools. 


To use this feature, type in the exact name of the file you wish to launch 
remotely on the server Macintosh. 


=== Launch Options 


Please enter the name of the file you wish to launch: 


Shutting down file service. This is a feature you should seldom need, but 
it is good to have in an extreme emergency. For instance, if you have a rel- 
atively empty hard disk on the server and suddenly the low disk space 


aT 
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alarm is triggered, you might be the victim of a denial of service attack, 
wherein a vandal is uploading massive amounts of garbage to your anon- 
ymous FTP folder to force a server crash. You can use this feature to beat 
him to the punch and bring the server down gracefully. Equally danger- 
ous, something might have gone drastically wrong with your RAID vol- 
umes. This feature lets you pull the server off-line until you can fix it. 


You have the option of giving users a few minutes in which to get off the 
server by sending them a message. 


| Ba File/Wed Service []Mail Service [Print Service | 


| Time until shutdawn: [s | minutes 
| Shutdown message: 


The previous responses are available to all alarms. There are a few more 
available only to specific alarms. 


Synchronizing the clock. If you enable the Server time is off by... check 
box, this response becomes available. It allows you to automatically syn- 
chronize your servers’ clocks with that of your Server Console Macintosh. 
Obviously, make sure the Date & Time Control Panel on the remote Mac- 
intosh is set correctly. Also, do not enable this feature with servers that 
are in different time zones. 


Sending a message to and/or disconnecting the user(s). If you enable the 
User(s) are idle... or User(s) are connected... check boxes, this response 
becomes available. With it you can send a message to users who are idle 
beyond the time parameters you specify, and you can log them off. 
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Disconnect/Message Response Options 
Please set the following values: 
[] Disconnect after mins. 
x) Message: 


You have been idle or connected for too 
long. 


CL] Oisconnect users even if they have files open. 


The Servers window tells you the basic condition of all the AppleShare 
servers on your network. For more details about the condition of a spe- 
cific server, select it in the Servers window and press the Monitor & Con- 
trol button (or choose the Monitor & Control command under the 
Servers window’s Servers menu bar item). 


Monitor & Control 


& 
Monitor & Control 


You will be asked to supply the server’s Admin Key before being pre- 
sented with the Monitor & Control window. 


SS applesharei Sener a==]=== 


The Monitor & Control window provides a constant display on the over- 
all workings of any server you select, permitting you to perform com- 
mands on it. If you think of the Servers window as being like a car’s 
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dashboard warning lights, the Monitor & Control window can be thought 
of as the actual dashboard. 


= re? Contr) SSS 


a TAN ig: <i Bs 

Hardware information 
Machine type is Power MacintomgS 
Processor is PowerPC 604 Ie 
FPU is on PowerPC 

Version information 
System version is 7.5.5 


s <Guest>: Juliana’s Pow... 4:36 PM [Oh, S4z] 1837.7M 
Public Sun, Mar 16, 1997 2047 Si 
rE) <Guetg>, Yom's Power... 1:49 FM [0h, Omj sam 
Publi Suu, Mar 16, 1997 $40l 


FIGURE 9-6: The Monitor & Control window. 


The Monitor & Control window’s parts follow. 


Configuration pane. This pane provides you with general information 
about the server Macintosh, such as its hardware, system software, and 
memory specifications. 


Server information 
Max number of volumes: 50 


Max shared items: 50 
Max client capability : 120 
Max clients: 51 

Activity limit: 100 


It will also tell you the server's limitations, which will vary between 
AppleShare 3.x, AppleShare 4.x, and AppleShare IP servers. These limita- 
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He 


tions should be taken into consideration when you redistribute work- 
loads across servers. 


Control pane. The contents of this pane vary between AppleShare 3.x/4.x 
and AppleShare IP servers. For AppleShare IP servers, they are as fol- 
lows: 


control 


Start/Stop Services 
Change Service Settings 


Reserve Memory Shut Down Server 


Restart Server 


With this pane, many of the actions for which you would use AppleShare 
File & Web Server Admin or AppleShare Admin can be performed with- 
out your being anywhere near the server. 


Use the buttons across the top of this pane to start and stop AppleShare 
IP services. In so doing, you toggle between a racing flag icon (start ser- 
vice) and a stop sign icon (stop service). 


Use the first button in the second row to set file service preferences. 


Max Guests: 


bhewtanet sercnenatsttatrecirntintiseretrretintiinthiretittbtustertinmbnsssrthsbabrtbrnbiinebsennrhiniTelnant ERE wEneTednTennerEnerensenensans Sunes enDnnEneOnMmGEROGEDSENOSGES+anneonewanEmaneuennenarEcnenacemanessen 


Activity Limit: Max File Server and FTP Clients: 


Login Message: 


CJ Enable File Server Multihoming (AppteTalk) 
_be ihanalled one SETOEN soldat dai pales earch over ir TCP/ wine 
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Use the middle button to set Web service preferences. 


J] Enable Web Service with up to clients. 
C) Enable Web Log 


Use the button at the end of the middle row to set FTP service prefer- 
ences. 


= FIP Settings 


i 
KX) Enable FTP 
KK) Allow Anonymous Login 


Here’s a neat trick. If you have trouble with users quitting out of Apple- 
Share on your servers, don’t use the AppleShare application. In the case 
of AppleShare 3.x/4.x it is not the AppleShare File Server application that 
provides service but the File Server Extension (System Extension). In the 
case of AppleShare IP it is not the AppleShare IP Web & File Server appli- 
cation that provides service but the AppleShare IP Web & File Server 
Extension (System Extension). Therefore, you can use Server Manager to 
launch file sharing on a remote server without giving anyone sitting at 
the server Macintosh any indication that it is running or any visible 
means of shutting it off! 


Time pane. This pane displays the time as it is seen by both the server 
and the Macintosh on which you are running the Server Console. If you 
have not set the alarm response to synchronize the clocks automatically, 
you can do it manually by pressing the arrow button here. 
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she 


NaiZ 
“HK 


You should only have to do this occasionally, perhaps when Daylight 
Savings Time takes effect. If you find the server’s clock is a long way off 
whenever you access it, you probably need to replace the battery on its 
logic board, which powers its Parameter RAM (PRAM). 


Caches pane. This pane is a performance indicator that keeps track of 
how well AppleShare IP is using the server’s RAM to cache file, folder, 
and desktop data for fast access. 


Caching is something you will need to watch over time. The more RAM 
you can allocate to caching, the better. For maximum performance, 
reserve only as much RAM as is absolutely necessary for other server- 
based applications, such as Server Agent and Retrospect. This can be set 
using the Cache button in the previously illustrated Control pane. 


Performance can also be increased by adding physical RAM to the server 
and turning off Virtual Memory in the Memory Control Panel. 


Activity pane. This pane gives a graphic view of the server’s workings 
over time. It also displays a red line representing the alarm threshold you 
set in the Alarms window. The default threshold is 80 percent activity for 
a period of longer than one continuous hour. 
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On the left side of the pane you are shown the current percentage of 
server usage, the mean average of server usage in the last 24 hours, and 
the maximum peak of usage at which the server has run in the last 24 
hours. You can change this measurement interval in the Server Console 
Preferences window, which is accessible by choosing the Server Console 
Prefs command under the Edit menu bar item. 


If you increase the data logging period, you may also need to increase the 
Server Console’s memory allocation. 


Connections pane. This pane provides a graphic view of the number of 
users that have been connected to the server. The number of currently 
connected users, the mean average number, and the maximum number 
are all listed at the left. 


In both this and the previous pane, you can use the arrow buttons to 
scroll back and forth through the logged data. 


Users pane. This pane tells you who is logged on to the server, how long 
they have been logged on, and how long they have been idle (if applica- 
ble). 


zs <Guest>: Juliana’s Pow... {1:36PM [2h, 7m] 
CDrutic Sum Mar tb, i997 

<Guest>: Tom's Power... (1:43PM [Oh, Om] 
_[Sea, Bar 26, 1987 — 


baa 
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Here is a nice feature. Press the hi button to send a user a message. 


Send Message = 


Hey. Wake up! People are trying to work around here ... 


There is no way for the user to send a message back—an omission 
that some might consider a useful feature. It is always a good idea to 
use hi to warn users of an impending server shutdown. 


You can use the X button to disconnect a user. 


Volumes pane. This pane provides information about all the volumes 
attached to the server (shared or not) and the amount of free space on 
each. The vertical red line represents the alarm threshold. 


volumes used/total used 


1837 .7M | 
2047 Sif 


S38M 


S+0IM 


CD-ROMs look just like hard drives to Server Manager, so do not be 
surprised if a given server suddenly displays a volume you have 
never seen. It could be that somebody just put in a different CD-ROM. 


All of the commands I just listed can also be accessed through the 
Monitor & Control menu bar item that is available when the Monitor 
& Control window is open. 


At this point you should have a good idea of which AppleShare com- 
mands you can execute remotely using Server Manager. For details 
consult the Server Manager Manual (on the Installer CD-ROM). 
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As nice as it is to have all these controls available, you are not likely to use 
them very often. Most of your server administration time will be taken up 
with user and group accounts and assigning privileges. Fortunately, 
Server Manager permits you to do that remotely, too. You can work with 
a server's accounts by pressing the Users & Groups button (or by choos- 
ing the Users & Groups command under the Servers window’s Servers 
menu bar item). 


Users & Groups 


Users & Groups 


If you have AppleShare 3.x/4.x servers, I recommend that you forget 
about AppleShare Admin as an option for working with users and 
groups. What is a fairly ugly procedure under AppleShare Admin is both 
easy and elegant under Server Manager. The process is improved some- 
what under AppleShare File & Web Server Admin, but I still prefer 
Server Manager because, again, I can do it remotely. 


To show you how this works I will go through the process of updating a 
new AppleShare IP server to honor the Users & Groups list of an older 
AppleShare 3.0 server. When I open the User & Groups window for the 
new server it is empty but for the default accounts: “Guest,” “Mail 
Administrator,” and whatever the name of the administrator’s account is 
(e.g., “Admin’”). 


OR Admin 


C9 Mail Administrator 
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First, I need to enable the Guest access account so that anonymous users 
will be able to get into my Web Folder and anonymous FTP folder. To do 
this I double-click on the list item or select it and press the Edit button. A 
dialog box appears in which I can enable log-in privileges. 


{1 Login enabled 
L] Pregram linking enabled 


I can gain access to server volumes in my role as administrator using the 
“Admin” account, but I also want a regular user account for myself. To 
make one I press the New button above the Users list. In the window that 
opens I can set up all the necessary account criteria. 


User name: |Tom Dell 
Password: |porp2736 


; internet alias: 


r User Attributes; - Mail Settings 
| @ Disable 
: © Enable 


Login enabled 
: KJ Log C Require encrypted login 


(J All privileges 

(J Require new password 
| &) Change password enabdied | | 
(J Program tinking enabled © Forward to AppleTalk address: 


2 © Forward to (Internet address: 


FIGURE 9-7: The Add window. 


Chapter 9: Server Manager ¢ 505 


When I press the Add button my new account is added to the User list. 
Pressing the Done button closes the Add User window. (If you have any 
questions about these settings, refer to the previous chapters.) 


Next, I will add my co-workers. I could type in each name in turn, but 
since I cannot remember the identities of everyone in the organizations 
and would almost certainly spell somebody’s name wrong, I copy the 
accounts from the older AppleShare 3.0 server. To do this I open both 
servers’ Users & Groups windows, select my co-workers in the first 
server while holding down the shift key, then copy and paste the names 
into the new server. 


| Appleshare 5 Server: Users & Groups| 


| U} Mail Administrator 
Tom Delt 


=== AppleShare 3 Server: Users & Groups : —— 


> a 
> @& Front office (4) 
D> @ Tratmers (5 ) 
> @® writers (4) 


FIGURE 9-8: Copying and pasting user account names. 


Of course, AppleShare IP accounts require more data than do AppleShare 
3.0 accounts, so I will have to edit the imported user accounts to add an 
Internet alias, at the very least. I might also need to assign new pass- 
words. I can do both by double-clicking on any list item (or by selecting it 
and choosing the Edit button). 


506 « AppleShare IP 


I can import groups as well, but they lose their membership information 
and are imported empty. To configure these imported groups to match 
those on the older server, I select their associated users in the User list, 
highlight the destination group in the Group list, and press the Assign 
button. It helps to have the older server’s window in the background with 
the given group’s list item expanded so I can see who belongs to it. 


ApplieShare 3 Server: Users & Groups 


v ® Consultants (5 ) 
( Phil Zarboulas 
Dan Goldberg 
( Altyson Shields (J Dimitri Zarboutas 
| Cass Kovel (J Garrett Den 


FIGURE 9-9: Assigning users to a group. 


Later, if I want to revoke membership, I select a given user and press the 
Deassign button above the Groups list. 


When I want to delete a user or group, I select the account and press the 
Remove button above the User or Group list. I am then prompted to 
identify the individual who will take responsibility for that user’s or 
group’s privileges, with the Administrator account chosen by default. 
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= moses User Reassignment mages 
] Reassign folders to: 
(3 <Any User> 


OF demin 


Aidan Dunne 


(} Cass Kove! 
(J Dan Gokiberg 
Dimitri Zarboutas 


When you remove a user or group you must wait a few seconds while 


Server Manager executes the reassignment action. It will tell you when it 
has finished. 


| (@ Prit Zarboules 
| (@ Tom det 


iy Agent is reassigning folder privileges... 


The last step in copying users to my new AppleShare IP server involves 
making sure I have the same account security restrictions on both servers. 
I can do this by choosing the User & Group Preferences command under 
the Users & Groups menu bar item (shown in Figure 9-10). 


fea User & Group Preferences iusreermenee 


C) Number of days until password expires: 
CJ Minimum number of characters in password: 
C) Maximum number of failed login attempts: 


) Allow user to save password for automatic login. 
CL) Allow program linking. 


HE stecesrezsreraeresercseceres seus erzpecans reasprerreeres: 


ptteettesitelstichestbetetthestbettestirettrettititisstiitittiett rtitetittietitetttititiet sittettttestteetttetitetitg tro titeessti ste tisdiece lest tresertelsttestteli cUisttsittey sy i 


Also under the Users & Groups menu bar item are commands that per- 


mit you to export, edit, and import users and groups in a plain-text or 
tab-delimited text file (shown in Figure 9-11). 
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Users a Groups 
New User... 
Remove User... 
Edit User.., 

inal User to sscabi 


Tue 10:35 #4 


Macintosh HD 


New Sieuss 
Remove Group... 

Edit Group... 

Deassign User from Group ¥0 


User ® Group Preraséates... 


User/Group Report 


Edit Text File with User/Group Names.. 
Panam User/Group Names from Text Fite.. - 


aa to Tent File... 
‘| to Tab-Delimited Text File... 


Mail Isers G broups, 


Install Mare Accounts... 


FIGURE 9-10: Importing and exporting users and groups. 


This feature is a much better way of moving greater numbers of users and 
groups between AppleShare servers because, unlike with cutting and 
pasting, privilege information is preserved (as true or false statements). 
In addition, you are given an opportunity to edit and correct the names 
you have exported from one server before importing them into another 
server. 


Require New Password 
Users & Groups _—Alll Privileges { Change Password 
ea _ Pragiait aigh 


aT SSP Sees peo Re ee ime os 
| 1 JAssociotes | 
| 2 {Consultants 
| & [Sales & Marketing ss 
| @ Trainers “A 
| § [writers ey 
| & jAdmin 

| ¥_ JAiden Dunne 

Cass Kovel 

9 {DanGoldberg 

| 10 [Dimitri Zerboulas 

4% [Gerrett Dell 

| $2 iJon Larson 

| $3 J Julians Dell 

4 [Michael Hytopoulos 
US jNotalie de loa Heros 
46 iNick Lau 

| $2 JPhil Zerboules 

| 4@ 1SM Administrator 

| #9 iTom Dell 

| 20 j¥ivian Ross : 


ris 
hai 41D 1 PR AppleShare 3 Se... Export.TABTEXT / |] Gi: 


j 


eet 


+ > 
on ae te in me le a ae 


gut 


Oe ee ee ee a 
ae 


User Attributes 
Kj Login enabled 

CD All priviteges 

CD Require new password 

Kj Change password enabled 
C2) Program linking enobled 


é ae oes eee: 
Ne ee ee eS 
; A i 
Se 2b 2b ob fe eb fe fe oe ee fe ee fe oe ee 
ee ee ee ee 


FIGURE 9-11: Editing users and groups in a tab-delimited text file. 
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This also gives you the ability to export user account names to 
entirely different applications, such as any other server programs that 
can import tab-delimited text. 


Once you have user and group accounts established, you need to give 
these people something to log in to. You can do this remotely by 
pressing the Access Privileges button (or by choosing the Access Priv- 
ileges command under the Servers window’s Servers menu bar item). 


Access Privileges 


If you are already logged in to a server with any of its volumes 
mounted on your desktop, log off (drag the volumes into the Trash) 
before using the Access Privileges command. That way, Server Man- 
ager can log in with full privileges and full access. 


After you have entered the Admin Key, Server Manager will mount 
the server’s hard drive(s) and open the Access Privileges window. 


; CE A al ar ice br 
ae Volumes v 
2 CS_MAC 
@ Mad Dog 


O Same as enoloring folder 


owner: 
User/Group: 


Everyone: 


C) Change all enclosed folders 
Cc Can't move, rename, or delete 


FIGURE 9-12: The Access Privileges window. 
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This window works much like AppleShare’s window for the same 
purpose. In it you can share and unshare server folders and volumes 
and designate which users and groups will have access. 


If you have any questions about how these privileges work under 
AppleShare IP, refer to Chapter 4. If you have any questions about 
how these privileges work under AppleShare 3.x /4.x or Personal File 
Sharing, refer to Managing AppleShare & Workgroup Servers by myself 
and Dorian J. Cougias (AP PROFESSIONAL, 1995). 


The Santorini Web Site 


Before ending my description of the Servers window I should tell you 
what that last cryptic button is for. 


Server Manager’s developer, Santorini Consulting & Design, Inc., is 
named after the Greek island made famous by the fact that it blew up 
in about 1470 B.c. The button you see is the company logo, a stylized 
representation of that event. If you press the button, Server Console 
will send out an Apple event that should launch a Web browser 
(Netscape’s Navigator, Microsoft’s Internet Explorer, or Apple’s 
Cyberdog) and take you to Santorini’s Web site. You will not find 
much tourism information there, but you will find data on Santorini’s 
other products as well as software updates. 


rm 
= 
c 
a 
7) 
ty 
5) 
a 
= 
= 
= 
vg 
=) 
_ 


Santor 


# 


FIGURE 9-13: The Santorini Web site at www.santorinicd.com. 


Chapter 9: Server Manager ¢ 511 


APPLYING SERVER MANAGER TO 
SPECIFIC TASKS 


Controlling and monitoring the up/down status of your servers and 
working with users and groups are probably tasks for which you will 
use Server Manager on a regular basis. Server Manager has other 
capabilities that you may use occasionally to answer a specific ques- 
tion or perform a particular task. 


Who Has Been Using the Server? 


From time to time you might want to determine who has been using 
your server, when, and how much. You can do so with Server Man- 
ager’s data logging function. Data logs can be invaluable in locating 
security breaches, troubleshooting, and analyzing overall system 
expansion needs. 


To begin automatic data logging, select a server from the Servers win- 
dow and then select the Enable Data Logging command under the 
Servers menu bar item. You will be prompted to tell Server Manager 
where it should store the data log file on your hard drive, and then 
logging will begin. When data logging is enabled, an icon appears in 
the Option pane for that server. 


Serreterreter etter et eee teert (ee tete tater iret iret etc rertrerrt itt r ttt rert ttt ett tettttetmt tim tt tt ir titrimetric it tte ter Pete ttt et tert eet Deri tert Deeper pert t pee Sten. tere 


» AppleShare 5 Server in Public. 


ni File “Web service is on, Mail service is on. 
Print service is on. 


Data Logging 


The results of data logging can be viewed at any time by choosing the 
Open Data Log command under the Servers menu bar item. 
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Stats format Date rT Activity !§ t "Connections »VYolumes Yolume | 


Currently logged on users: Torn Dell 

3 1 2 1887M 2096M 550M 552M 
3 1 2 1887M 2096M 550M 552M 
3 1 2 1887M 2096M 550M 552M 
3 1 2 1867M 2096M 550M 552M 
Logged on: Phil Zarboulas 

14 2 2 1888M 2096M 550M 552m 
11 2 2 1890M 2096M 550M 552M 
Logged on: Juliana Dell 

43 2 1890M 2096M 550M 552M 
3 3 2 1890M 2096M 550M 552M 
Logged on: Darrett Dell 

5S 4 2 1890M 2096M 550M 552M 
& 4 2 1890M 2096M 550M 552M 
ae an: <Guest> 


FIGURE 9-14: The Data Log window. 


Only the first 32 Kbytes of logged data appear in this window. Server 
Manager also saves this data as a tab-delimited text file, which can be 
opened in a word processor or spreadsheet application, such as 
Microsoft Excel (as shown in Figure 9-15). 


Percent of Server Activity 


Log-in Time Number of Connections 
Log-in Date Number of Server Volumes 


Fy? f= gaa hare 5 Sewer Date 
a Sea ;>— 4+ CC 


3/17/97 

3/12/97 

3/17/97 11:31 SQAM 

3/17/97 11:32:56AM 

3/17/97 11:34:31 4M 3 

3/12/97 11:34:42 4M Logged on: Phil Zerboules 

3/97797 11:35:35 4M 14 

B/t7/97 14:36:39 AM 11 

3/17/97 1:37:00 AM Logged on: Juliana Delt 

3/12/97 11:37:43 4M 4 

3/42/97 11:39:06 AM 3 

3/17/97 11:39:30AM Logged on: Gerrett Dell 
5 


—= = = 
* 
NR NR NNN PO 


11:30:06 AM Currently logged on user 
11:30:29 AM 3 1 2 1887M 2056M 
11:3130 4M 3 1-2 «1887M 2056M 
11-32-36 aM 3 1 2 1887M 2096M 3/12/97 11:40:32 4M 
11:34:31 AM B i 2 1887M 2096M 3/1279? 11:42:05 4M 6 
11:34:42 AM Logged on: Phil Zarboulad_ 18 | 3/12/97 11:42:37.AM Logged on: Guest> 
11:35:35 AM 14 2 2 1888M 2096M[_J8 | 3/12/97 11:43:52.4 
11:36:39 AM 11 2 2 1690M 2096M| 20 | 3/12/92 11:47:01 AM 
11:37:00 AM Logged on Juliana Dell [/ 4 3/17/97 11:50:21 AM 
11:37:43 AM 4 3 2 1690M 2056M 3/17/97 11:53:27 4M 
apa Lene Set | 2S i 3/17/97 11:56:33 4M 

Logged wre 7 
11-40-32 AM 5 4 2 1690M 2096M | #4 - 3/17/97 11:59:41 AM 
11:4205 AM 6 4 2 1690M 2056M 
11 42.37 AM Logged on <Guest> 


= 


anna gun aos ul ut NN 


NANA A BO NA 


FIGURE 9-15: A typical data log imported into Microsoft Excel. 
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The following can be captured in this log: 


Server Manager actions. These are all the actions Server Manager 
has initiated on the server, such as those made available in the 
Monitor & Control and Alarms windows. 


Log-ons/log-offs. These are all the dates and times when a user or 
guest logged on to or off of the server. 


Guest unmasking. If this option has been enabled in the Server 
Console Prefs dialog box, you will be able to see what computer 
and zone a person logged in from, even if they use guest access. 


Zee AppleShare 5 Server Vata Log 


a 13/17/97 4 25 55 PM Unmasked <quest>: user ‘Juliana’s PowerBook’ logged on from ‘Public’ 
5/17/97 4:25:55 PM Unmasked <quest>: user ‘AppleShare 3 Server logged on from ‘Public 


Server activity. This is the percentage of processing power a user 
has been responsible for consuming in relation to the server's 
overall processing capacity. 


Server connections. This is the number of users who were also 
logged into the server at the same time. 


Disk space. This includes the number of volumes on the server as 
well as the free space and total space of each. 


You can determine which of the categories will be logged by selecting 
the Data Logging Preferences command under the Servers menu bar 
item and enabling or disabling the check boxes. 


Siac Data Log Preferences iiamaam 


1 | Server Manager Actions 
{) Log-ons/Log-offs 
x] Guest Unmasking 


| & Server activity 
KX] Server Connections 
| X] Disk Space 


Piveteriestostestiseieel-sitesiosisetisccsstsetisssiscssitsctosrsisebsssttslithzicsresirestesresssssteitcussstessseiioo ta] 


é ‘ : 
Sy i 
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Server Manager gathers information to be placed in the log six times a 
minute. 


Who Is Hogging the Hard Drive? 


When you start to run low on hard drive space it is good to know who 
is responsible for using most of it so that you may ask them to delete 
any unnecessary files. This can be done by opening the Users & 
Groups window, then selecting the Disk Usage command in the 
User/Group Report fly-out menu under the Users & Groups menu 
bar item. 


Kj Group Member Usage 


: 
: 
H 
H 
: 
H 

H 
H 
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4 
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3 
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Users and Group 


Cass Kovel 


duliana Dell 


Phil Zarboylas 


Internet Users 
GY Intranet Users 


Dan Goldberg 
Mail Administrator 
Tom Dell 


Server Manager will quantify the amount of hard drive space taken 
up by folders and files owned by your users and groups. (If you fol- 
lowed my advice from Chapter 4 and made the Administrator 
account the owner of all folders, this report will not do you much 
good.) 


This feature once saved a client of mine a lot of aggravation. It seemed 
that no matter how big the hard drive he put on the server, its space 
would get eaten up in a matter of weeks despite the fact that most of 
the users created nothing but small text files in their work. Finally he 
used the Disk Usage Report to determine that most users had about 
35 Mbytes on the server, but one had about 2.4 Gbytes! It turned out 
to be the only user in the office whose Macintosh was not equipped 
with a CD-ROM drive. He was copying the contents of various CD- 
ROMs up to the server from co-workers’ Macintoshes so that he could 
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access them back at his desktop. He did not know that each CD-ROM 
could have as much as 650 Mbytes on it and that this is a lot of data. 


He has a CD-ROM drive now. 


Who Is Hogging the Processor? 


When it seems that your server is starting to bog down, it is good to know 
who is responsible for using the highest percentage of its available pro- 
cessor bandwidth. It is possible that they are doing something, like run- 
ning an application off the server, that they can be dissuaded from doing. 
To generate such a report, open the Users & Groups window, then select 
the Activity command in the User/Group Report fly-out menu under the 
Users & Groups menu bar item. 


Mail Administrator 


iam |e 
| (Tom ben 


Server Manager will show you which users are responsible for the great- 
est amount of server activity, and how much of that activity involved 
copying files to the server versus copying files from the server. 


Scheduling Server Actions 


I showed you how an alarm can be used to trigger a Server Manager 
action, such as launching an AppleScript on a remote server. Server 
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actions can be triggered by time as well. This is done within the 


Scheduled Actions window opened by choosing the Schedule Action 
command under the Servers menu bar item. 


Action 


&. ‘Set user access at 9:00:00 PM on Mon, Mar 17, 1997. 


PPO Oreraen senor eonen tenes DbaadD 


6 ‘Stop service (File/Web) at 10:00 00 PI PM on Mon, Mar 17, 1997. 


Pere etre ieee ett ite teria ttt ieee tiers fecctoettectt ati itenhien 


a _Launch item on server at 10:05:00 PM on Mon, Mar 17, 1997. 


Pbaberdsersneerseetincerteviréveurevenetssnrrrevedievtbtronte tis 


re ” Start service (File/Web) at 10:15:00 PM on Mon, Mar 17, 1997. 


FIGURE 9-16: The Scheduled Actions window. 


To schedule the execution of a command, press the Add button to 
open the Schedule Action dialog box. 


Action Time: 8:00:00 PM 
C9 stop service [March v]} | 1997 | 
Re Start service 
. Set user access 


th Launch item on server 


Date: 3/17/1997? 


FIGURE 9-17: The Schedule Action dialog box. 
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Here you can establish the times at which you want specific server- 
side events to occur, and configure options for several actions. These 
actions are: 


Stop service. With this action you can shut down any AppleShare IP 
service and optionally give users a warning and some time to log off. 


Peas Shutdown Options Sea = 
] OJ File/Web Service ()Mail Service (Print Service | 


} Time until shutdown: [s | minutes 
7 Shutdown message: 


Start service. With this action you can start up any AppleShare IP ser- 
vice. It works nicely in conjunction with the previous action. 


Set user access. With this action you can deny access to users of guest 
access and/or limit the number of client connections overall. This is 
particularly handy when you are concerned about guest users and 
you want to deny them access when you are not around. It is also use- 
ful in limiting server activity at times when the processor is shared by 
other applications, such as when a backup script is launched. 


OC Restrict quests from logging on. 


| CJ Restrict number of connections to | 


Launch Item on server. With this action you can launch a document, 
application, or AppleScript on a remote server, just as you can with 
some alarm responses. 


These actions work particularly well when used together. For exam- 
ple, you might: 
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Shut down the Mail Server and Print Server to reduce processor load 
and close open files by using the Stop service action. 


Limit connections to just a few so that server activity is reduced, but 
access to the Web server is not completely cut off, by using the Set 
user access command. 


Execute a backup script on the server by using the Launch item on 
server command. 


Increase the limit of user connections when the backup is complete 
using the Set user access command again. 


Restart the Mail Server and Print Server using the Start service com- 
mand. 


When an action is scheduled, an icon appears in the Option pane for that 
server in the Servers window. 


am AppleShare 5 Server in Public. 
Bu File/Web service is starting up. Mail 
service ts off. Print service is off. 


Scheduled Action 


SUMMARY 


With Server Manager you can manage multiple AppleShare 3.x /4.x 
and AppleShare IP servers throughout your LAN or WAN remotely. 


server Manager is composed of two components: a Server Agent 
installed on each server and a Server Console installed on a remote 
management machine. 
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You can use Server Manager’s Alarms functions to warn you of cur- 
rent or impending server problems, as well as to react automatically 
to many of those problems. 


You can use Server Manager’s Monitor & Control function to start 
and stop services, configure service preferences, shut down and 
restart the server Macintosh, and monitor server activity. 


Server Manager lets you manage users, groups and their associated 
privileges using familiar AppleShare-like windows. 


Server Manager generates reports that can be used to answer config- 
uration and performance-related questions. 


Server Manager can be scheduled to perform server-side actions 
automatically. 
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SUMMARY 


With Server Manager you can manage multiple AppleShare 3.x/4.x 
and AppleShare IP servers throughout your LAN or WAN remotely. 


server Manager is composed of two components: a Server Agent 
installed on each server and a Server Console installed on a remote 
management machine. 


You can use Server Manager’s Alarms functions to warn you of cur- 
rent or impending server problems, as well as to react automatically 
to many of those problems. 


You can use Server Manager’s Monitor & Control function to start 
and stop services, configure service preferences, shut down and 
restart the server Macintosh, and monitor server activity. 


server Manager lets you manage users, groups and their associated 
privileges using familiar AppleShare-like windows. 

Server Manager generates reports that can be used to answer config- 
uration and performance-related questions. 


Server Manager can be scheduled to perform server-side actions 
automatically. 


AppleShare IP 
and the PC 


Mac OS computers are friendly to other network citizens. While 
they are biased towards AppleTalk, they are willing and able to 
“speak” other protocols as well. In many organizations, for exam- 
ple, Mac OS computers communicate using strictly Novell’s IPX/ 
SPX. They are also capable of speaking over many types of network 
topologies, including LocalTalk, Ethernet, Token Ring, Fiber 
Optics, Asynchronous Transfer Mode (ATM), and others. Overall, 
it is easy for Mac OS-based machines to fit in with other types of 
computers in a heterogeneous network environment. 


Because Mac OS computers are so network friendly, their owners 
can take advantage of many services provided by other platforms. 
For example, some Mac OS users rely on the security of a Novell 
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NetWare file server for vital data storage. Others call on the processing 
power of a UNIX-based minicomputer or an IBM mainframe. 


PCs have traditionally been more standoffish—auntil recently, PC vendors 
were reluctant to connect with the Mac OS. This has posed a problem for 
PC owners who want to share Mac OS-based services such as high-qual- 
ity PostScript printing and AppleShare. 


Fortunately, this problem is easy to overcome today. You can bring Mac 
OS computers and PCs together in two ways: 


e Use a multiprotocol server. For example, a Novell NetWare server 
configured with the AppleTalk NetWare Loadable Module (NLM) 
can support PCs with IPX/SPX while simultaneously supporting 
Mac OS computers with AppleTalk and AFP. The Microsoft Win- 
dows NT Server can also support PCs and Mac OS computers simul- 
taneously and provide AFP services. Although PCs and Mac OS 
machines may access these servers with different protocols, they are 
able to “see” and use many of the same server-based resources. 


e Use acommon protocol. A more direct way to bring Mac OS comput- 
ers and PCs into the same fold is to configure them to speak the same 
network language. If your network is primarily composed of PCs, it 
makes sense to install a PC-native protocol such as IPX/SPX on your 
Mac OS computers. If your network is dominated by Mac OS com- 
puters, it makes sense to install AppleTalk on your PCs. If your net- 
work is connected to the Internet or an Intranet, the best approach 
may be to make your Mac OS computers and PCs speak the more 
universal TCP/IP. 


In this chapter, I will show you how to install AppleTalk and TCP/IP to 
connect your PCs to your AppleShare IP server. I will also show you how 
to work with the platforms’ inherent differences. First, however, consider 
the similarities between the two platforms. 
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COMPARING THE MACINTOSH 
AND THE PC 


Much discussion has centered around differences between the Macintosh 
and the PC. Within the realm of networking it is more constructive to 
examine the qualities they have in common. 


Booting the PC 


First, consider the startup sequence of your Mac OS computer: 


1. 


3. 


When you press the power-on button, you hear a chime. The comput- 
er’s ROM looks for a HFS-formatted hard drive. If a System file is 
available, you are greeted by the “Happy Mac.” 


A parade of INITS is displayed across the screen as these memory- 
resident applications are loaded into RAM. 


Eventually, you end up in the Finder, looking at the desktop. 


Although you may never have thought about it, PC operating systems 
work in much the same way. Consider how a DOS-based PC starts up: 


1. 


When you press the power-on button, you hear a beep. You watch the 
ROM BIOS (Basic Input Output System) in action as it counts RAM in 
the corner of the screen. If the RAM is functioning properly, the ROM 
will look to the hard drive for the invisible files IOSYS and MS- 
DOS.SYS for additional instructions. At this point, we are at the PC 
equivalent of the “Happy Mac.” 


The computer looks for COMMAND.COM, the command line inter- 
preter, next. This vital application tells the processor what you mean 
when you type on the keyboard. If the COMMAND.COM file is miss- 
ing, the PC will not boot. In the Mac OS, if the System file is missing, 
the Macintosh will not boot. 
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3. 


The PC will load two files, CONFIG.SYS and AUTOEXEC.BAT. 
These files contain user-programmable instructions that determine 
how the computer should handle memory and peripheral devices. 
These files also contain instructions for loading Terminate and Stay 
Resident (TSR) programs. TSRs are the PC equivalents of Mac OS 
INITs. 


Eventually you find yourself in the root directory, looking at the 
prompt: 


C:\ 


Under DOS, the letter C: usually designates the first hard disk in the 
PC. Many PCs also have two floppy drives. The first is for 1.44-Mbyte 
3.5-inch floppy diskettes and is labeled A:. The second is for 1.2- 
Mbyte 5.25-inch floppy diskettes and is labeled B:. A CD-ROM, DAT, 
or Iomega drive (Zip, Jaz), will usually get a D:. 


The boot process continues if the PC is loaded with Microsoft Win- 
dows. In this case, it will keep going beyond the C: prompt and load 
the Windows environment. Under Windows 3.1, this environment is 
no more than a GUI shell. Under Windows 95 and Windows NT, 
however, it is a full operating system that compares favorably to the 
Mac OS. 


Networking the PC 


Next, consider how your Mac OS computer is connected to the network. 
It may be attached through an onboard connector, such as a LocalTalk, 
Ethernet, or AAUI port, or it may be connected via an expansion card. 


There are only three expansion buses to choose from on the Macintosh. 
Older Mac OS computers used NuBus. Newer ones use the Peripheral 
Component Interconnect (PCI) bus. PowerBooks may use the PC Card 
bus. Because the Macintosh adheres to just these standards and truly sup- 
ports “plug-and-play,” all you need to know to get the right NIC is which 
bus your computer has. 
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PC Standards 


Things can be more complicated on the PC. Depending upon the bus con- 
figuration of the PC, the NIC you buy will need to adhere to one of sev- 
eral PC standards, as explained in the following paragraphs. 


32-bit, 16-bit, or 8-bit. These numbers refer to the size of the path- 
way over which data moves to and from a computer's RAM and its I/O 
devices. The newest PCs have 32-bit expansion buses. Many older PCs 
have several 16-bit expansion slots and a couple of 8-bit expansion slots 
for downward compatibility. Really old (early 1980s) PCs have only 8-bit 
buses. 


ISA. The Industry Standard Architecture (ISA) bus, pronounced “eye- 
suh,” was first used in IBM’s AT of 1984. ISA expansion boards will also 
work in an EISA (Extended IsA—pronounced “e-suh”) bus. This stan- 
dard brought the ISA bus up from 16 to 32 bits in 1988. 


MCA, The 32-bit Micro Channel Architecture (MCA) bus is used 
mostly in IBM computers, such as the PS/2. It is far less common than the 
ISA bus. 


PCI. The Peripheral Component Interconnect (PCI) bus came out in 
1993. It gives PCs a “plug-and-play” capability similar to that of the Mac- 
intosh. (Some deride this as “plug-and-pray.”) PCI supports both 32- and 
64-bit buses. 


PC card. The PC Card is a trademark of the Personal Computer 
Memory Card International Association (PCMCIA). It supports the credit 
card-sized peripherals that are used primarily with laptops. 


In addition to these hardware standards, there are some hardware driver 
standards you will need to learn about as well: 


ODI. The Open Data-link Interface (ODI) driver standard was created 
by Novell to permit a PC NIC to run multiple protocols simultaneously. 


NDIS. Conceptually similar to ODI, NDIS was co-developed by 
Microsoft and 3Com. It provides protocol multiplexing, which allows 
multiple protocol stacks to co-exist on the same NIC. 
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PC Software 


Before you purchase or attempt to install AppleTalk on a PC, you will 
need to know what hardware is present and which standards are sup- 
ported by that hardware. 


Apple Workgroup Servers are bundled with software that permits PCs 
running Windows 3.1 or Windows 95 to communicate using AppleTalk. 
Windows NT machines are sold with an AppleTalk protocol stack from 
Microsoft. DOS PCs require another product, such as Farallon’s 
PhoneNET PC. 


Let’s take a look at the issues that affect Mac OS-to-PC integration, begin- 
ning with the lowliest AppleShare client: DOS. 


APPLETALK UNDER DOS 


In order to install and use AppleTalk on a DOS-based PC, you need to 
know some basic DOS principles. 


Working with Directories 


DOS-based PCs arrange their files in directories and subdirectories; Mac 
OS computers arrange their files in folders and subfolders. Other than 
that, both machines store files in much the same way. 
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C:\ROOT = eer 


4items, 89.5 MBavailabl 
L__ pinectory | _sitems, 89.5 MBavailable | 


L SUBDIRECTORY 


= FILE 1 “as 


FILE_2 File2 
FILE_3 File3 


FIGURE 10-1: DOS versus Mac OS hierarchies. 


To open a DOS directory, type CD (for “change directory”) and the direc- 
tory’s name at the C: prompt; then press Enter. For example, typing the 
command below will get you inside the DOS directory from the root (top- 
most) directory: 


C:\cd dos 


To see the system files that the directory contains, type dir (for “direc- 
tory”) and you will get an alphabetical listing: 


Condir 


To back out of this directory and go back to the root directory, one level 
above it in the hierarchy, type the command below: 


Cf\ed ...« 


Naming Conventions 


In addition to being accessed differently, DOS directories use naming 
conventions different from those of Mac OS folders. The Mac OS supports 
folder and file names 31 characters long. DOS machines support file 
names only 12 characters long, in the following format: eight characters, a 
period, and a three-character extension. This is known as the “eight-dot- 
three” (8.3) convention. 
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Because of these different naming conventions, a folder that has one 
name on the Mac OS might be named differently on the PC. For instance, 
the folder you named “Approved Applications” on the server is 
Approv~1 as seen by DOS when accessed using AFP. 


Approved Fonts 


Required Applications System Software 


R) Vandows 95 
| af | 


p 1981 1995 
WHLHDOWS> cd 


Appl Lons 
font 
iipigil 10ns 


FIGURE 10-3: The folder “Approved Applications” as seen by a DOS user. 
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Windows 95 and NT are capable of using a larger name space, but they 
do not always recognize all of the characters that the Mac OS uses. For 
example, I added a space before the name of the “New!” folder so that it 
was listed at the top of the “Net Install” folder while being viewed with 
the Mac OS’ as List command. Windows 95 does not know what to make 
of the space, so it calls the folder “New!~1.” 


f= Net Install on ‘Appleshare 5 server @public' , Pafe see 
Kod, “ _— W 


Ame Reeeen een resene en: 


FIGURE 10-4: The folder “New!” as seen by a Windows 95 user. 


Short Names 


Before you allow PCs to log on to AppleShare, you should name the 
server's folders and files in a way that will make sense to users on all plat- 
forms. For example, a “Human Resources” folder could be renamed 
“HR”; an “Applications” folder would still be recognized if renamed 
“Apps.” 


To make the job easier, AppleShare IP has a feature that tells you what 
your folder names will look like from the perspective of a PC user. To use 
it, select a folder in Web & File Server Admin’s Disks & Share Points win- 
dow, and then choose the Short Name command from the Server menu 
bar item. 
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Disks & Share Points 


IE} Net instar 

a New! 

a Approved Applications 

ey | Approved Fonts OTe 

ey | Required Applications folder 

ey | System Softwere folder 
EQ Pun shared folder 
IY Steff Fotders shared folder 
ey | Stationery folder 
IC} Web Folder shered folder 


b 
4 
b 
b 
b 
b 
b 
b 
bd 
b 
b 


FIGURE 10-5: Viewing the short name of a folder. 


Working with DOS Files 


In addition to handling folder and files names differently, Mac OS com- 
puters and PCs handle files differently. 


A Macintosh file is composed of two parts: a resource fork and a data fork. 
The data fork contains the core text or programming code. The resource 
fork contains the more esoteric data, such as formatting information, the 
icon, and the file’s creator code. Creator codes are unique identifiers that 
tell the Mac OS which file goes with which application. For example, if a 
user-generated document has the creator code MSWD in its resource 
fork, the Mac OS knows that it was created with and can be opened by 
Microsoft Word. 


DOS files use only data forks. To perform the same file-to-application 
association that the Mac OS uses inherently, DOS users rely on a file 
name’s three-letter extension. This is called suffix mapping. For example, if 
a user-generated document's file name has the extension .FMP, some 
DOS applications will know that it was created with, and can be opened 
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by, Claris FileMaker Pro. Unfortunately, this system is not reliable. Apple 
Computer provides creator codes to developers to keep these codes 
unique. Such standardization was never forced on PC vendors, however, 
so suffix mapping has its limitations. 


In order for Mac OS and DOS users to share files, a mechanism must be in 
place that maps the creator code from the Mac OS to the three-letter 
extension of the PC file, then strips away the resource fork. Conversely, 
Mac OS users must have a resource fork created for them and the three- 
letter DOS extension associated with a Mac OS creator code. 


On the Mac OS, this is done transparently by the PC Exchange and Mac- 
intosh Easy Open control panels. Third-party translation software, such 
as MacLink Plus from DataViz, Inc., can enhance the process. 


SSS = DataVi: fever Ee 
‘ Type: GIFf 
has File: box.gif ; 
Y=) This is a GIF Graphic ind: 


MacLinkPlus can translate this file 


GIF89a >>> {{{ 999 sosss JJJ kckk ck2Z2ZZ41 RAAR k{{ZG{ sBkR k1)REZRic s {k 
{kBS c{{ kJZ JB{R sR) sc{y2 Re {B-890k1 ks{c 19{ ODqe PUB {=| $(P “wiw 
@rq HbE$Y DGB TC qQF dOc CP 44°B o'sz C 

= .,h$ ,co*H F.S H¥ 


‘ind 

A 1;8RF XiMl 1@8 f"'tx e0 + 

RPK OBp +<aR EBIFS /10g2 t3®\X =F $\ "UMU hg>X /ja3 \Or BSk hdte™i (Dofios 
‘Ns * gt SS\c* o8L e@ 


P<Q _u@" ‘Ns 


¢ ulb2zi UICeH) Te“! P* ‘I b BARN 3 1A ,!v OBQ ‘IRES| ‘>4tC7$7i pa utt_se lw 
:] 1@d50bE+ fFe$| 6=t 30 


FIGURE 10~6: Viewing a file’s data with MacLink Plus. 


If you know that users will copy files back and forth between DOS and 
the Mac OS regularly, you will want to take several steps to keep the pro- 
cess moving smoothly. 


First, make sure that the Mac OS computers are running the PC Exchange 
control panel. 
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Assign an application to a DOS suffix: 


DOS Suffix Application Program 


[sve | FileMaker Pro |% 


(CQ FileMaker And Apple Events |+| 


Q FileMaker Examples 
QY FileMaker Extensions 
FileMaker Pro 

Qi Filemaker Templates 
Q FileMaker Tutorial 


FIGURE 10-7: Configuring PC Exchange for suffix mapping. 


In addition to automatic Mac OS-to-DOS file recognition, this control 
panel can also create associations manually. For instance, you could use it 
to map a word processor file, such as one created by WordPerfect for 
DOS (.DOC), to a Mac OS word processor, such as Microsoft Word. This 
way, both users will be able to work with the files in their preferred appli- 
cation. 


Next, make sure that PC users employ file name extensions properly. 
Some applications, such as FileMaker, will add an extension (.FMP) auto- 
matically. Tell your users to add an agreed-upon suffix when using appli- 
cations that do not add extensions automatically. 


Next, try to ensure that both Mac OS computers and PCs are using appli- 
cations intended to be cross-platform (e.g., Microsoft Office, Claris File- 
Maker Pro, etc.). Also, make sure that users employ the filters that have 
been built into their applications when they are saving files to be used on 
different platforms. These can be accessed through the Save as function. 
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& AppleShare iP Cearty Explained | + <> Macintosh HD 


QR ASIP Research 
Wi Appendix-A 
Wi Appendix - B 


ASIP Intro 


Save Current Document as: 


Save File as Type: 
WordDocument 
a 
MS-DOS Text with Line Breaks 
Rich Text Format 
Stationery 
Speller Custom Dictionary 
Speller Exclude Dictionary 
Text with Layout 
WordPerfect 5.0 
WordPerfect 5.1 for MS-DOS 
WordPerfect 5x for Windows 


FIGURE 10-8: Using a built-in filter (Microsoft Word). 


Where there is no other option, documents can be saved as ASCII or Text 
Only. This will not preserve formatting, however. 


Finally, arrange your server share points in such a way that Mac OS users 
may access PC documents but not PC applications. Do the same for PC 
users. If you do not, users may try to launch non-native applications that 
might then be corrupted. 


It is also a good idea to create share points for PC-native files only and 
Mac OS-native files only, as well as to create share points accessible by 
both platforms. Users should save their vital documents to their respec- 
tive platform-native volumes first, then translate copies to be shared with 
cross-platform users. That way, master documents will be preserved in 
the event that a translation attempt corrupts a file. 
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Installing DOS Software 


DOS installation disks come with installer batch files that work much like 
the Apple installer script. Most of the time, the installer will be called 
INSTALL.EXE or SETUP.EXE. 


The installer will usually present you with a few screens that prompt you 
for information about the PC’s hardware configuration. It will make a 
guess at a default, but that guess might be a poor approximation of what 
the PC really has inside. If you are not sure of the exact configuration, it is 
best to write down the prompted questions and then exit the installer to 
seek out the answers. 


Most installers will ask if you want them to modify your CONFIG.SYS 
and/or AUTOEXEC.BAT files in order to include certain command vari- 
ables. Back up these files first in case the new installation causes your 
machine to crash. To do this: 


Put a fresh floppy diskette in the PC. 


2. Format the diskette as a “system disk.” This installs on it several boot 
files, making it capable of running the PC should something happen 
to the system files on the hard drive. Type: 


\format A: /s 


You will be prompted for the diskette first, then asked for a diskette 
name later. Just press Enter at both prompts. When asked whether or 
not you would like to format another diskette, press N. 


3. Copy the AUTOEXEC.BAT file onto the floppy diskette by typing: 
\copy C:\autoexec.bat A: 


4. Copy the CONFIG.SYS file onto the floppy diskette by typing: 
\copy C:\config.sys A: 


In both cases, DOS will let you know if you did this correctly with the 
message: 


1 file(s) copied 
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With these files backed up, it is safe to run the installer. Should a problem 
arise, you can boot up from the floppy disk and copy the 
AUTOEXEC.BAT and CONFIG.SYS files back over to the hard disk, 
restoring the PC to its previous condition. 


MOVING FILES INDOS 


DOS-only PC users may use Farallon’s PhoneNET PC to attach server 
volumes. These volumes are mapped to a DOS drive letter (e.g., D:, E:, 
etc.). Users may transfer files back and forth using the same DOS com- 
mands as those used to access a local hard disk. 


Windows users who need to access a DOS program may log on to the 
server using AppleShare Client for Windows or COPS, Inc.’s COPSTalk. 
They may then issue commands using a DOS session activated through 
Windows’ DOS Prompt application. 


To copy a DOS file from a local drive to a network drive, use a command 
line such as: 


\copy C:\example.bat E: 
If done correctly, the PC responds with: 
1 file(s) copied 


If the file is not found in the root directory, add the path to its subdirec- 
tory in the same command line: 


\copy C:\windows\system\system.ini E: 


At some point you might type a long line that contains a mistake. You 
will then be told File(s) not found. Rather than retype the entire com- 
mand line, press F3. This will restore everything you typed up to the 
point of pressing Enter. You can then use the backspace key to correct 
your mistake. 
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If a file is important, it is a good idea to make a duplicate of it. To do this, 
copy and rename it using a command line such as: 


\copy C:\config.sys C:\config.bak 
To copy all files with a given extension, use a command line such as: 
\copy C:\*.bat E: 
To copy all files with a given name, use a command line such as: 
\copy C:\example.* E: 
To copy all files in a directory, use a command line such as: 
\copy C:\*.* E: 
To delete a file, use a command line such as: 
\erase example.bat 
To create a directory, use a command line such as: 
\mkdir work 


The same DOS 8.3 naming convention that applies to files applies here as 
well. Also, names must start with either a letter or a number. Names may 
not include the characters / [ ] ; = “ \ : I, oracommaor period. 


To remove a directory, use a command line such as: 
\rmdir work 
DOS displays the following directory and file information by default: 


e Size of files (in Bytes) 

e Last Modification Date of files 

e Last Modification Time of files 

¢ Number of Files and Directories 


e Hard drive space used by Files and Directories 
To see these file and directory details, type DIR at the command prompt: 


E:\DIR 
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You will see something similar to this: 
Volume in drive E is SERVER 
Volume Serial Number is 1AB1-7857 
Directory of E:\ 
EXAMPLE BAT20712-25-943:02p 
WORK<DIR>12-25-943:05p 
HR<DIR>11-11-932:06p 
) 3 file(s)48234 bytes 
514333568 bytes free 


If more files exist than can be seen all at once, type DIR/P. This directs 
DOS to fill the screen and then pause, until you press a key, before con- 
tinuing. 


APPLETALK UNDER WINDOWS 3.1 


AppleShare IP ships with the AppleShare Client for Windows, which can 
be run under Windows 3.1 It provides a simple interface that permits 
Windows users to print to networked Apple LaserWriters and map 
AppleShare server volumes to drive letters. Users can use AFP to copy 
files to and from these volumes within Window’s File Manager. 


A PC cannot act as an AFP server and make its files available in the same 
way that a Mac OS computer can using Personal File Sharing. But it can 
use AppleTalk’s distributed name service and dynamic node ID assign- 
ment. 
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Installing AppleShare Client for Windows 


To install this software, select Run from the Windows File menu. In the 
dialog box that appears, use the Browse button to locate the installer. 


Command Line: 


A:\INSTALL.EXE 


[J Aun Minimized 


FIGURE 10-9: Launching the installer through Windows 3.1. 


Choose the Standard Installation button in the installer’s main screen; 
then press the Continue button. 


‘Welcome to the AppleShare Client for Windows Installer. This program can 
be used to install or remove AppleShare Client for Windows from your 
computer. 


itis strongly recommended that you save any open documents and exit all 
Windows programs before continuing. ‘You vall need to restart your computer 
to complete the installation or removal process. 


WARNING: If you are removing AppleShare Client for Windows or 
upgrading to a new version, Windows will be restated during the Uninstall 
process. 


ee) Coe 


=" Anple Computer, Inc. 


FIGURE 10-10: Selecting options in the installer’s main screen. 


Chapter 10: AppleShare IP and the PC ¢ 539 


Apple’s installer makes a backup of system files before changing them. It 
then asks about the PC’s NIC configuration before installing the client 
software. 


FIGURE 10-11: Viewing the installer’s progress. 


The installer will eventually ask you to enter a user name and a machine 
name. These are the Windows equivalents of the Mac OS File Sharing 
control panel owner name and computer name. Enter the requested infor- 
mation and press the Continue button. 


Enter User Name 


@ Please enter your default user name for connecting 
to an AppleShare server: 


FIGURE 10-12: Entering the PC user name. 
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Using AppleShare Client for Windows 


The installer creates a Program Group, which contains four icons. Apple- 
Share Client for Windows is the only application that you need to launch. 
Its functions can be accessed using the three buttons in the upper left of 
the application’s main window. 


[= Apple Network Services 


Client for 


epic 


AppleShare AppleShare NetID Utility 
Help 


=F 


@ Name Only 
© Name and Password | 


FIGURE 10-14: Selecting a drive letter for the server volume. 
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To log on to an AppleShare server, press the first button in the upper left. 
A list of local volumes and available network drive letters appears. Here, 
select a drive letter to map to an AppleShare network volume. You will 
then be presented with a Chooser-like list of zones and the servers within 
those zones. Choose the AppleShare server; then press the Connect but- 
ton. 


= —__SelectFileServer 


. Workgroup S — 


FIGURE 10-15: Selecting a server’s zone and name. 


An AppleShare log-on dialog box will appear. As you would under the 
Mac OS, enter your user name and password, and then press the OK but- 
ton. 


—— aa ae 


FIGURE 10-16: Logging on to the server. 
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FIGURE 10-17: Choosing server volumes. 


Next, you will be presented with the list of server volumes that you may 
attach. Pick the volume that you want to work with; then press the OK 
button. That volume is now “attached” to your PC and can be accessed 
like a local hard disk. 


Select LaserWriter 


To print to a LaserWriter, press the second button in the upper left. You 
will be shown a list of ports to which you can “connect” the device. In the 
same way that the Mac OS uses a Modem and a Printer port, the PC uses 
an “Ipt” port, named in the days of “line printers.” Choose a port that is 
not in use, then click Select Network Printer. 
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FIGURE 10-18: Attaching a LaserWriter. 


In the next window that appears, choose the LaserWriter’s name and 
AppleTalk zone. 


Select Network Printer 
a ig a a as 


cme R&D 
cme Senior Staff 


FIGURE 10-19: Selecting a printer name and zone. 


Press the OK button when you have finished. You will be warned that 
the necessary printer drivers must also be installed to allow you to print 
to the LaserWriter from any Windows applications. Depending upon the 
printer, these drivers will be found in one of two places: on the Windows 
installer diskettes or on Apple diskettes that came with the LaserWriter. 
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Set the User and Machine Names 


You can change the PC’s user and machine name at any time by pressing 
the third button in the upper left. This opens a window that can be 
regarded as the equivalent of the Macintosh Sharing Setup control panel. 
You can also change the machine’s default zone here. 


Network Identity 


Nathaniel DuPont 


| Computer | 
[Mathan's 486 } 


| AppleTalk Version: = fie | 


FIGURE 10-20: Changing user and machine names. 


Moving Files in Windows 3.1 


Windows’ File Manager can work with files and folders on attached AFP 
volumes. To see a graphical representation of the hard drive’s contents, 
you can launch File Manager from its Windows program item in the 
Main program group. Instead of directories, you will see folders, files 


represented by earmarked pages, and programs represented by small 
windows. 
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FIGURE 10-21: Working with File Manager. 


Note the open folder in Figure 10-21. File Manager defaults to the Win- 
dows directory. The files on the right are Microsoft Windows 3.1 pro- 
gramming files. If you were to exit Windows and go back into DOS at this 
point, you would find C:\ WINDOWS at the C: prompt. To get to the root 
directory, you need to double-click the C:\ folder icon. 
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C) autoexec. bek 
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[) config.bak 

é config. sys 


FIGURE 10-22: Directing File Manager to the root directory. 


To access a network volume, click on its namesake button at the top of the 
File Manager window. 


G: [PUBLIC] 


5 | 
Emile Gaic (ele 


ie gs | & | [| ]aal. win 
©) aol. win CJ virus 
CE virus E dragdom! .zip 


P™lexplosiv.com 


FIGURE 10-23: Accessing a network volume. 
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To copy a file from the server, select it and drag it over to the C volume 
icon. Whichever directory was open when you left the C volume is where 
the network volume’s file will be copied. In this example (Figure 10-23), 
we left the root directory open. Had we not taken the earlier step (Figure 
10-22), it would have been copied to the C:\ WINDOWS directory. 


You can copy groups of files and folders by holding down the Shift key, 
using the mouse to select blocks of consecutive files. To select files that 
are not listed consecutively, hold down the Control key instead. 


— * 


aA 
a 
a 


FIGURE 10-24: Creating a folder (directory). 


To make a new folder, choose the Create Directory command from the 
File menu. As when copying files, your current location in File Manager's 
directory tree is where the new folder will be created. The 8.3 DOS nam- 
ing convention applies here also. 


To rename a folder, choose the Rename Directory command from the 
File menu. 
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FIGURE 10-25: Renaming a directory. 


Although the default File Manager window gives you few details about 
directories and files, you can see more. File Manager can list and sort files 
and directories by: 

e Size (in Bytes) 

e Last Modification Date 

e Last Modification Time 

e File Attributes (such as hidden, system, archive, etc.) 


To see these file and directory details, select the All File Details com- 
mand from the View menu. 
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1/30/94 = 1:20:08pm 
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FIGURE 10-26: Viewing file details in file manager. 


APPLETALK UNDER WINDOWS 95 AND NT 


Windows NT comes with its own AppleTalk protocol stack, at last mak- 
ing the PCs that use it as friendly to Mac OS computers as they are to each 
other. Windows 95 does not include this capability. AppleShare IP is bun- 
dled with the CoOperative Printing Solutions (COPS), Inc.’s COPSTalk, 
however, which installs and works in much the same way as the Win- 
dows NT protocol stack. Both Windows NT and COPSTalk enable PC 
users to print to networked Apple LaserWriters and map AppleShare 
volumes to drive letters. 
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Installing COPSTalk 


To install COPSTalk, select Run from the Windows Start menu. Here, use 
the Browse button to locate the installer. 


| Lape cn =i ula 
Oper: [D:\Setud | 
[ET] ces | _ pow. | 


FIGURE 10-27: Launching installer through Windows 95. 


COPSTalk is installed using a handy Windows “wizard.” Simply answer 
the questions as they are posed. 


I) Master lmaloer 


COPSTalk 


Windows 


to Copying COPS TEMP HELP: 


CATEMP\Ctw2_10.hip 
the 


Macs 


FIGURE 10-28: Using the COPSTalk installer. 
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Before proceeding, make sure that there are no remnants of other Apple- 
Talk protocol stacks on the PC, such as PhoneNET PC or AppleShare Cli- 
ent for Windows. 


Cortrol Panel Printers 


FIGURE 10-30: Adding a protocol. 
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FIGURE 10-31: Selecting the protocol. 


When the installer has finished, you will be prompted to restart the PC. 
Once you have done so, you must load the AppleTalk protocol stack so 
that Windows can use it. To do this, open the Network control panel, 
which is located in the Control Panel folder in the My Computer window. 
You will see two tabs. Under the Configuration tab, press the Add but- 
ton. This will open a window in which you can choose network compo- 
nents. Then select Protocol and press the Add button. This will open a 
window in which numerous vendors and network protocols are listed. 
Select “COPS, Inc.” in the Manufacturer pane and “AppleTalk Protocol” 
in the Network Protocol pane. Press the OK button when you have fin- 
ished. 


When you return to the Select Network Component Type window, select 
Client from the list and press the Add button again. 
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FIGURE 10-32: Adding a client. 


You will again want “COPS, Inc.” in the Manufacture pane. Select “Cli- 
ent for AppleTalk networks (COPSTalk)” in the Network Clients pane. 
Press the OK button to return to the control panel window. Press the OK 
button to exit the control panel. Then restart the machine. 


Intel EtherE xpress 16 of 16TP 
TS AppleT alk Protocol 
§ TCPAP 


FIGURE 10-33: Control panel with AppleTalk added. 
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This is the same procedure used to install AppleTalk under Windows NT. 


Using COPSTalk 


The installer creates a COPSTalk Program Group. You do not need to use 
anything here. Once AppleTalk has been installed, you can access Apple- 
Share services in the same way that you would any PC-native networking 
services. This is generally done using the desktop’s Network Neighbor- 
hood window, a browser that performs much like the Mac OS Chooser. 


=a 


Network 
Neighborhood 


fe COPSTalk 4 [9] COPS WEB PAGE INFO 
(G3 Mastering Internet Development > @ COPSTak 2.01 Hep 
(@ Microsoft TechNet > .» COPSTak Utiay 
(ES Printscreen 95 > 29 Extension Mapping 
(3 StartUp >.» HP Printer fix 

(3) Timbuktu Pro > [2] Release Notes 

Q inteimet Explorer 

SB Intemet Mall 

<> Intemet News 

EY Microsoft Exchange 

aE? Microsoft NetM eating 

MS-DOS Prompt 

& Windows Address Book 


FIGURE 10-34: Viewing the COPSTalk program group. 
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Select AFP File Servers 


To log on to an AppleShare server, you will need to navigate through 
progressive Network Neighborhood windows until you find its Apple- 
Talk zone and name. 


FIGURE 10-35: Locating the AppleShare IP server. 


Double-click on the server icon to open an AppleShare log-on dialog box. 
Here, enter your user name and password and press the OK button. You 
will then be shown the list of available AppleShare volumes. 


Enter Netwotk Password 


FIGURE 10-36: Logging on to the AppleShare IP server. 
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FIGURE 10-37: Selecting a server volume. 


CG AppleShare 5 Server 


Edt Yew Heb 


\\VAppleShare 5 Server@Public\S taff Folder Cancel E | 
T Reconnect at logon 


8 


FIGURE 10-39: Choosing the network drive letter. 


Select the volume that you wish to attach; then select the Map Network 
Drive command from the File menu in the server volume’s window. You 
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will be prompted to choose a drive letter. The AppleShare volume then 
becomes accessible through the My Computer window, just like any local 
volume. 


1 Staff Folders 
Jon ‘Appleshare os 
{ eo . “e) hi —_ 

f ODOC: — iCass! Custom Install 


Dan 


FIGURE 10-40: Viewing the network volume from the My Computer window. 


Select LaserWriter 


FIGURE 10-41: Opening the Printers window. 
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To print to a LaserWriter or AppleShare IP print queue, you will first 
need to add it to your PC’s available printer group. To do this, choose the 
Printers item under the Settings command in the Start menu to open a 
Printers window—any local printers will have an icon here. To create one 
for a networked LaserWriter, double-click on the Add Printer icon. 


Ff} Printers 
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FIGURE 10-42: Adding a LaserWriter. 


Add Punter Wizard 
How is this printer attached to your computer? 


IFitiz attached to your computer, click Local 
Printer. {f tt attached to another computer, click Network 


™ Local printer 


¢ Beck Cancel | | 


FIGURE 10-43: Running the Add Printer wizard. 
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This will launch another Windows’ wizard, which will ask you if the 
printer is local or on the network, and then let you install a driver for it. 
Since the LaserWriter or print queue is on the network, you will have to 
show the wizard where. 
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FIGURE 10-44: Locating a network printer or print queue. 


Once you have installed a driver and completed the other steps required 
by the wizard, a new icon will be created in the Printers window for the 
LaserWriter. This icon acts much like any Mac OS desktop printer icon. 
Double-click on it to view and control print jobs. 


To make the network printer your PC’s default, choose the Set As Default 
option under the Printer icon’s Printer menu. 
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FIGURE 10-45: Setting a printer as the Default. 


Set the User and Machine Names 


You can change the PC’s user and machine name any time by opening the 
Network control panel and pressing the Identification tab. Here you may 
change what is currently in the Computer name and Computer Descrip- 
tion fields. 


Network ; a EG | 
Configuration Identification | 


Windows uses the following information to identify your 

——# computer on the network. Please type a name for this 
computer, the workgroup % will appear in, and a short 
description of the computer. 


Computer name: = &#©»©«~— 
Workgroup: [Scion NETWORKS 


Computer 
Desernt TOM DELL 


FIGURE 10-46: Changing user and machine names. 
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Moving Files in Windows 95 and NT 


Unlike Windows 3.1, Windows 95 and NT use the same drag-and-drop 
methodology of the Mac OS. You are presented with additional options 
when you use the PC mouse’s second button. If you drag a file from a net- 
work volume using the Move Here command generated by that second 
button, it will put the file in your local hard drive and then remove it 
from the server. If you drag a file from a network volume using the Copy 
Here command, it will put a duplicate of it in your local hard drive. If you 
drag a file from a network volume using the Create Shortcuts command, 
it will leave the file where it is and create a Mac OS alias-like pointer on 
your local hard disk. 
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FIGURE 10-47: Dragging and dropping a network file. 


When you copy a file from the server, you will see a Windows version of 
the File Transfer status window. 
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FIGURE 10-48: Copying a file from the server to a local hard disk. 


The folder and file details that can be viewed under Windows 95 and NT 
are more Mac OS-like as well. These can be accessed under a window’s 
View menu. 
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FIGURE 10-49: Changing the window view. 


TCP/IP AND RELATED SERVICES 


It is possible to ran TCP/IP on DOS and Windows 3.1 machines, but not 
usually worth the effort. Windows 95 and NT are shipped with TCP/IP, 
however. To use it, you need to install the protocol in the same way that I 
described the installation of COPSTalk. 
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FIGURE 10-50: Installing the TCP/IP protocol. 


Configure the protocol by pressing the Properties button in the Network 
control panel. Although the fields vary somewhat between Windows 95 
and NT, and even more from those of Open Transport, the information 
required is the same. 
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TCPAIP Properties 


FIGURE 10-51: Configuring TCP/IP control panel properties. 


With TCP/IP installed, your PC users have access to further AppleShare 
IP and related services. 


Web Services 


Web browsers were made to be platform independent, so the versions of 
Netscape Navigator or Microsoft Internet Explorer that your Mac OS 
users surf with look mostly the same as those used by their PC counter- 
parts. They also provide access to the AppleShare IP-based Web page or 
Intranet. 
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FIGURE 10-52: Logging on to the AppleShare IP Web server from a PC. 


Email Services 


PC users can easily log on to the AppleShare IP Mail Server using a Win- 
dows 95 POP client. Windows 95 even comes with an email client in the 
form of Microsoft Exchange, which can be launched by double-clicking 
on the “InBox” icon. 
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FIGURE 10-53: Logging on to the AppleShare IP Mail Server from a PC. 


Backup Services 


If you have followed my advice and added your desktop computers to 
the automated Retrospect backup system, you should consider adding 
your PC users to this system also. Dantz has a Retrospect client for Win- 
dows 95 and NT. 
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FIGURE 10-54: Logging in to the Retrospect backup system from a PC. 


File Sharing 


Farallon’s Timbuktu Pro, which I mentioned earlier, is probably best 
known for its screen sharing features, which let network users view and 
control each other’s computers. This feature also works between Mac OS 
computers and PCs. Figure 10-55 is a screen shot of a Macintosh control- 
ling a PC, which in turn is controlling an AppleShare IP server. 


An equally useful feature of Timbuktu Pro is its ability to permit file 
exchanges between Mac OS computers and PCs directly, in a true peer- 
to-peer fashion. 
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File Edit Setup Service Windows Help 


limbukty Pro (SHUPET Pel ES 
File Edt Setup Services Connections Help 


* AppleShare IP Web & File Server 
AppleShere 5 Server 


Default Zone: Public 
File Server vie TCP: On FTP: On 
Muitthoming: On HTTP: On 


File Server Yelumes: 


MadDog 
AppleShare IP Companion CD 


VWrebmaster 


Macintosh HD 7 


© Apple Extras 
DCD Applications 
( Documents 
1 (> Downloads 

(C2 FiashNotes Received 
(2 Games 

(CD Internet 

D Picture 1 

D Picture 2 

D Picture 3 

D Picture 4 

.... Scion Networks 


FIGURE 10-56: Exchanging files between a Macintosh and a PC. 


@ autoexec. bet 
D autoexec.dos 
D) autoexec.odp 
@ commend.com 
D commend.dos 
D config.des 

D config.sys 

D config.win 
D dantz 

DC dos 

CD download 
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Another great feature: Timbuktu Pro automatically assigns the correct file 
type and creator code-to-suffix mapping information to any files trans- 
ferred across platforms. If a user creates a document in Microsoft Word 
for Windows and sends it to a Mac OS user, Timbuktu Pro will make sure 
the file gets the resource fork it needs to appear on the user’s desktop as a 
double-clickable Word icon. If the file is sent back to the PC user, Tim- 
buktu Pro strips the unneeded resource fork and adds the three-letter 
DOS extension. 


SUMMARY 


There are several ways to permit both Mac OS computers and PCs to 
share network services. You can install AppleTalk on the PCs, you can 
install a PC-common protocol on the Mac OS computers, or you can 
install TCP/IP on both. 


If you are preparing to run AppleTalk on a PC, you should be aware of 
the inherent differences between PCs and Mac OS computers in the way 
they handle files and folders. 


Once an AppleTalk network connection has been established, PC users 
can exchange files and print to an AppleShare IP server using DOS, Win- 
dows 3.1, Windows 95 or Windows NT. Once a TCP/IP connection has 
been established, additional services become available such as Web ser- 
vices, email, backup and file sharing. 


MacDNS 


Which do you find easier to remember: www.scionnet.com or 
38.247.58.10? 


If you are like most people, you find words easier to remember 
than numbers. So you should find it easiest to remember the URL 
of my company’s Web server if I give it to you as “www.scion 
net.com.” Both are valid designations for the same computer, rep- 
resenting the Web server’s hostname and IP address, respectively. 
These designations are wedded by the TCP/IP service known as 
the Domain Name System (DNS). 


At its simplest, DNS is a database that matches up the dotted 


numerical IP addresses that computers understand with the plain- 
English hostnames that people like to type. Besides making 
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machines more recognizable to humans, DNS allows hostname-to-IP 
address mapping to be altered without interrupting network communica- 
tions. 


For example, imagine that a company decides to move its Web site froma 
Web hosting service to its own in-house AppleShare IP server. With a 
small change in the DNS, that hostname can be resolved to the in-house 
server's IP address instead of to the address of the Web hosting service’s 
computer. Regular visitors to the Web site will never know the difference, 
so long as they continue to use the hostname (e.g., www.scionnet.com) in 
the URL. 


DNS is not something all network administrators need to manipulate 
themselves. In many cases, your organization’s ISP will handle this. You 
need only tell the ISP’s technicians what a machine’s static IP address is 
(e.g., 38.247.58.3), what you want its hostname to be (e.g., smtp.scionnet 
.com), and perhaps what services it is running (e.g, SMTP, FTP, HTTP, 
etc.). 


If your ISP does not provide full DNS, or if your network is not connected 
to the Internet, you can provide the service yourself using Apple’s 
MacDNS. This application was installed along with AppleShare IP, but is 
configured and operated separately. You should find it in the “MacDNS” 
folder within the “AppleShare IP 5.0” folder. 


AppieStare IP 5.0 
138.8 MB in disk 1.8 GB available 


a 


AppleShare IP 5.0 Read Me AppleShare IP Easy Setup AppleShare IP Manager 


 - Mail Server Print Server Web & File Server 


MaclDNS SSS 


SimpleText 


FIGURE 11-1: The MacDNS application. 
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DNS AT WORK 


DNS is another network service that adheres to the client/server model. 
In this case, its clients are called resolvers and its servers are called name 
servers. Under the MacOS, both Open Transport and MacTCP have 
domain name resolvers built into them. 


Resolvers are used to query the massive worldwide databases collec- 
tively referred to as the domain name space. First introduced in the 1980s, 
the DNS was designed to allow for the autonomous local administration 
of domain names by distributing the responsibility for address mapping 
across many sites and many computers. This prevents the responsibility 
for mapping all the world’s hostnames from resting with one central 
authority. More important, it makes it unnecessary for all Internet-based 
computers to maintain a single file containing the address mappings for 
all other hosts. Such files would be enormous, as would the amount of 
network traffic generated to keep them in sync. 


The domain name space is hierarchical and can be thought of as like a 
tree. There is a root domain, which can be likened to a tree trunk. From it 
extend primary domains, which can thought of as branches. From these 
spring smaller subdomains—smaller branches—on which are attached 
hosts like so many leaves. 


scionnet.com 


www.scionnet.com 
ftp.scionnet.com 
smtp.scionnet.com 


FIGURE 11-2: The DNS hierarchy. 
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Traffic moves through the DNS hierarchy by following a series of pointers. 
Resolvers point to name servers in the root domain. These powerful name 
servers are owned by specially designated government, educational, and 
ISP sites, and in turn point to top-level domain name servers (e.g., .com, 
.edu, net, .org, etc.), which also reside primarily with governments, uni- 
versities, big companies, ISPs, and the like. Top-level domain name serv- 
ers point to name services in their owners’ various subdomains (e.g., 
scionnet.com). It is at this level that MacDNS is useful. 


Domain name queries originate from resolvers and are sent to name serv- 
ers. The name servers respond directly if the queries relate to subdomains 
for which they are authoritative (have records for). They act as resolvers 
themselves if queried about domains for which they are not authoritative. 


In Figure 11-2, you can see that my company’s name server is authorita- 
tive for any host in the scionnet.com domain. When my PowerBook’s 
resolver asks my company’s name server for the IP address that matches 
www-.scionnet.com, the name server knows to respond with 38.247.58.10. 


When my PowerBook’s resolver asks for the IP address that matches 
www.cie-cais.org, as illustrated in Figure 11-3, things get more compli- 
cated. My company’s name server is not authoritative for cie-cais.org, so 
it must forward a query to a root domain name server. That root domain 
name server refers the query to a name server in another top-level 
domain, .org, which in turn passes the query to the authoritative name 
server for cie-cais.org. The authoritative name server for cie-cais.org then 
resolves the IP address as 38.222.116.3. This information is passed directly 
back to my PowerBook. 


Chapter 11: MacDNS «575 


root 


scionnet.com cie.cais.org 


www.scionnet.com www.cie-cais.org 
ftp.cie.cais.org 


smtp.cie-cais.org 


ftp.scionnet.com 
smtp.scionnet.com 


Where is 
www.cie-cais.org? 


FIGURE 11-3: The recursion process. 


The process I just outlined is called recursion. My company’s name server 
queried the root domain name server and followed successive pointers 
until it found a host that knew the answer to my PowerBook’s recursive 
query. It used a technique called iteration to accomplish this. Iteration is 
the process whereby the queried name server returns either the requested 
information or the name of another name server that might have the 
requested information. 


When MacDNS receives a query for information that is not in its data- 
base, it calls out to a parent server, often that of an ISP, to begin the recur- 
sion process. But if it receives a query for information that it has looked 
up recently, it recalls the requested information from a cache of recent 
data. Since the whole query process is not duplicated, caching provides 
for a faster response. 
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MacDNS can maintain hostname-to-IP address mappings for all hosts in 
a given Zone of Authority (ZOA), which is that part of the domain name 
space for which a specific name server is authoritative. A network might 
have one name server responsible for everything in the domain, or it 
might have multiple name servers, each responsible for different subdo- 
mains (zones) within that domain. (These have nothing to do with Apple- 
Talk zones.) 


Most domains on the Internet are supervised by at least two name serv- 
ers, primary and secondary, so if one goes down the other can maintain 
DNS. You can set up MacDNS as a primary server. Any secondary 
domain name servers running on your network can then copy MacDNS’ 
zone information periodically. You cannot set up MacDNS as a secondary 
name server, however, as it will not import zone information from 
another name server. 


SETTING UP MACDNS 


MacDNS can be run on the same Macintosh that hosts AppleShare IP or 
on a lesser Macintosh—any one with a 68020, 68030, 68040, or PowerPC 
processor. It needs just 1,500 Kbytes of RAM, System 7.x or higher, and 
either MacTCP 2.0.6 or Open Transport 1.1 (or higher). On pre-System 7.5 
computers, the Thread Manager 2.0.1 extension is required. A network 
connection using a static IP address is also necessary, of course. 


Once you have chosen your name server Macintosh, it is wise to place an 
alias of the MacDNS application in the “Startup Items” folder of the Sys- 
tem Folder so that it will boot up automatically whenever its host com- 
puter is restarted. 
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” & File Edit Hosts View Window Stats 
- ore fae Message Log Sen 


6/7/97 10:11:10 AM Starting up MecDNS at IP address 38.247.58.2 
6/7/97 10:11:13 AM Warning: No parent servers ere configured. 


FIGURE 11-4: Initial launch of MacDNS. 


After that, you will be ready to configure MacDNS for your specific net- 
work. Launch MacDNS, and take note of the messages that appear in the 
Message Log window. You should see one confirming that the Macintosh 
has a valid IP address, followed by a warning that “no parent servers are 
configured.” Before you change that situation, you need to provide 
MacDNS with details about your particular network, its ZOA. 
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Create a Zone File 


Zone Information 


Domain Name: your .top.domain} 
Primary Server: |DNS name.of.this computer. 


Secondary Server : 


Administrator: | your .e-mail.address@your host 


Refresh interval: 
Retry Interval: |2 
Expire Interval: |7 


Minimum TTL: 


FIGURE 11-5: The Zone Information dialog box. 


To begin, open the Zone Information dialog box by choosing the New 
Zone File command under the File menu bar item. Here, type your Inter- 
NIC-registered domain name in the Domain Name field (e.g, “scionnet 
.com”). Then enter a hostname for the MacDNS computer in the Primary 
Server field (e.g, “dns1”), which should differ from the name in the Mac- 
intosh’s Sharing Setup control panel. If MacDNS will be working in con- 
junction with a secondary server, you may type the name of that server’s 
ZOA in the Secondary Server field (e.g., “trdell.com”). Finally, type an 
email address for the individual who will administer Mac DNS in the 
Administrator field. This will be visible to other DNS administrators who 
may need to contact your site. 


Zone Information 


Domain Name: | scionnet.com 


Secondary Server : 


Administrator: | trdeli@scionnet.com 
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Default Values 

The default values in the four fields with pop-up menus are used to keep 
MacDNSQ’ zone up to date without causing excessive network traffic. You 
will probably not need to change these. 


Adsitatstr ater : 


trdell@sctonnet.cc 
e 


seconds 
minutes 
Refresh interval: 
| days 
Retry Interval: [2] | hours | 
Expire interval: Cas) 
Mimimem tri: (1) (as ¥) 


The values are as follows. 


Refresh Interval. The Refresh Interval setting determines how 
often a secondary server will query MacDNS to see if any of its hostname- 
to-IP address mappings have changed. Whenever there is a change, the 
secondary server updates its records to reflect this through a zone transfer. 
The recommended setting is 8 hours. 


Retry Interval. The Retry Interval setting determines the length of 
time a secondary server will wait after communications with MacDNS 
fail before trying again. The recommended setting is 2 hours. 


Expire Interval. The Expire Interval setting determines the length of 
time during which a secondary server will keep its zone information 
cached after it has been unable to communicate with MacDNS to perform 
a zone transfer. You cannot rely on the accuracy of cached DNS informa- 
tion beyond a certain point. The assumption is that it is better for the sec- 
ondary server to provide no data than to provide obsolete data. Once the 
interval is reached, the secondary server will purge the data it received 
from MacDNS from its cache. The recommended setting is 7 days. 


Minimum TTL. The minimum Time to Live (TTL) determines how 
long a hostname record in MacDNS’ database will be cached. The recom- 
mended setting is 1 day. 
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am 


@ File Edit Hosts View Window Stats 


6/7/97 10:11:10 AM Starting up MacDNS at IP address 38.247.58.2 
6/7/97 10:11:15 AM Werning: No parent servers are configured. 
6/7/97 10:40:31 AM Creating new zone ‘scionnet.con.’ 


== ¢scionnet.com. a 


FIGURE 11-6: New Zone List window. 


Press the OK button when you are finished. Note that a new window will 
appear with the domain name you typed in the Zone Information dialog 
box as its title. This is the Zone List window. The title will be preceded by 
a diamond until you save the list. I suggest that you save this list in the 
“MacDNS” folder now. 


MacDNS can be made authoritative for multiple zones. Simply repeat 
these steps for each zone and save each Zone List. For example, my com- 
pany’s network has two domain names. The domain name scionnet.com 
is used by most of our computers; the domain name trdell.com is used in 
the training room only. They each get their own Zone List. 
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" @ File Edit Hosts View Window Stets 


Message Log 


6/7/97 10:11:10 AM Sterting up MacDNS at IP address 36.247.58.2 
6/7/97 10:11:15 AM Warming: No perent servers ere configured. 
6/7/97 10:40:31 AM Creating new zone ‘socionnet.com.' 

6/7797 12:32:14 PH Creeting new zone ‘trdell.con.' 


scionnet.com 


_ ® Address 


FIGURE 11-7: Two zones on the same IP network. 


Establish the Parent Server 


Once you have given your MacDNS name server its identity, you can 
configure it to communicate with its parent servers. MacDNS relies on 
these name servers to answer queries about hostname-to-IP address map- 
pings that are not in its own database. Generally, these will be the servers 
of your organization’s ISP, as they are usually able to supply full recursive 
name service, the process illustrated in Figure 11-3. By default, MacDNS 
looks to the name servers you typed into the TCP/IP (Open Transport) or 
MacTCP (Classic Networking) control panel when you configured the 
Macintosh. 
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Search domains : 
res4.dns.psi.net 


FIGURE 11-8: Name servers in the TCP/IP control panel. 


You can configure MacDNS to query additional servers as well. To do 
this, choose the Set Parent Servers command from the Hosts menu bar 
item and enter the name servers’ hostnames and IP addresses. 


= Parent Servers Ssseeeeiremeeee 


Server IP Address 


res4 .dns.psi.net 38.8.84.2 


Press the OK button when you are done. You will not need to restart the 
MacDNS application for the changes to take effect. 
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Enter Hostname-to-IP Address Mappings 


At this point you may create the MacDNS database by entering host- 
names for the IP addresses within your network’s zone(s). To begin, 
select the Add Permanent Host command from the Hosts menu bar item. 
This will open a Host Information dialog box. 


Sas Host Informatio 


Host Name: 
IP Address: |0.0.0.0 Time to Live: (| 


Aliases: 
(separate by 
commas) 


Mail Exchangers : 
Center pref value 
& host name) 


Hardware: 


FIGURE 11-9: Host Information dialog box. 


The domain name for the zone will have been entered automatically (e.g., 
scionnet.com) and the hostname part of the address—the part you need 
to type in—will be highlighted (e.g., a-permanent-host). Simply type the 
hostname for a given computer in the Host Name field and its IP address 
in the IP Address field. The Time to Live field determines how long this 
information will stay in a name servers’ cache before being purged; it 
adopts the MacDNS setting by default. 


Host Name: | www.scionnet.com. 


IP Address: [38.24750.1d | TimeteLive: [1 _| 


Hostnames entered here are not case sensitive, but there are some other 
rules that you should consider: 
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Avoid the use of special (non-alphanumeric) characters—even 
underscores—in hostnames. A lot of software has trouble with them. 


Keep hostnames short and simple. Domain names are supposed to be 
easier for humans to remember than IP addresses, so an obscure host- 
name like “www.sf.hyde.5.scionnet.com” would defeat the purpose. 


To avoid confusion, avoid words that can be spelled in more than one 
way. For example, one of my favorite Web sites is at “www.lynda 
com.” Naturally, when I refer to it in my Webmaster Workshop, class a 
few students will immediately type “www.linda.com” into their 
browsers. (This is the site of author Lynda Weinman, by the way, 
whose book Designing Web Graphics [New Riders, 1996] I consider a 
must-read for aspiring Webmasters.) 


Try to use hostnames that are descriptive of the host's function. 
“mailhostl.scionnet.com” and “mailhost2.scionnet.com” might be 
enough to tell someone all they need to know, but “mailhost 
-smtp.scionnet.com” and “mailhost.pop.scionnet.com” delineate 
their respective hosts’ duties further still. 


Be aware of the fact that these hostnames are relative to your domain, 
so hostname conflicts beyond your network are not much of an issue. 
For instance, “www.apple.scionnet.com” is never going to conflict 
with “www.apple.com.” Within your network, however, you will 
have to be careful to maintain a unique hostname and IP address for 
each computer. 


For the convenience of applications that log such information, you can 
identify the hosts’ hardware and software characteristics by using the 
pop-up menus at the bottom of the Host Information dialog box. Press 
the OK button when you have finished. Your first record will now appear 
in the Zone List window. 


Macintosh "ie 
Macintosh-! : 
Macintosh-Powerbook 

. oy aa ne Re : RO ean aaaminal ear aneuT? aioe 
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It is a good idea to save the Zone List whenever you make a change. The 
title of the Zone List window will be preceded by a diamond until you do 
SO. 


The Zone List Window 


Before we move on, let’s take a look at the Zone List window. It displays 
the following information: 


Type. Hostnames can be of several types. A permanent (Perm) host- 
name is the one actually mapped to a computer’s IP address. Such a host 
can also have alias (Alias) hostnames, giving it multiple identities. When 
several servers are deployed to share the workload for a given service, 
they are designated with a Loadshare hostname. Finally, a host that does 
nothing but exchange email is designated with a Mail Exchanger-only 
(MX-only) hostname. 


Last Used. The data in this column refers to the time the hostname 
was created, changed, or most recently queried. 


IP Address. In most cases the host’s IP address mapping is listed 
here. For records not associated with an actual IP address, a dash (—) is 
used. 


Hostname. Listed here is the hostname that is mapped to the IP 
address. 


You can change the order in which the information is presented by choos- 
ing to sort By Type, By Last Use, By IP Address, or By Name under the 
View menu bar item, or by clicking on the appropriate column heading. 


Here is perhaps the most important thing to remember about this win- 
dow: If you close it, you shut down the name service for its zone even if 
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MacDNS is still running! If you want to reduce the clutter on your screen, 
you can choose the Hide Window command from the Window menu bar 
item instead. Selecting its name under the Window menu bar item makes 
it reappear. 


Window 
Move To Back XB 
Hide Window 


Look UpHost S&L 
Message Log 


Cached Hosts 
s$cilonnet.com. 


At this point we have created what is called an address (A) resource 
record. Specifically, I have mapped the hostname www.scionnet.com to a 
Macintosh running AppleShare IP and having the IP address 38.247 
58.10. Of course, since it is an AppleShare IP server, it is also running 
FTP. I need a hostname that makes sense to file server users also. 


Aliases 


This is where the alias comes in handy. To create it, I simply re-open the 
Host Information window and type the secondary designation in the 
Aliases field. You can add several hostnames here, so long as they are 
separated by commas. 


Aliases : | ftp.scionnet.com 
(separate by 
commas) 


You cannot add an alias name that does not include the real domain 
name of the host. For example, I can use “ftp.scionnet.com” as an alias to 
“www.scionnet.com,” but I cannot use “www.trdell.com” as an alias 
because trdell.com is not part of the scionnet.com zone (even though it 
uses the same IP addresses). Instead, I have to create a Zone List file for 
the trdell.com zone and add “www.trdell.com” to it as a permanent host. 
I can then assign it to the IP address used by my AppleShare IP server, 
“38.247.58.10.” 
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scionnet.com. 
P addres osttame : 
38.247.58.10 
38.247.58.10 


~ 41-5532 } 
11:35:32 AM 


ftp.trdell.com. 
www .trdeli.com. 


Mail Exchangers 


Yet another type of entry is the Mail Exchanger (MX) record, which is used 
for the exchange of email. 


Email is not always sent directly from one host to another, but is often 
relayed through several intermediate hosts. These relay computers are 
mail exchangers. DNS assigns a different priority to each mail exchanger 
host, depending on how desirable it is for that host to receive email. The 
most desirable host is always the destination host, of course, but what if 
that host is unavailable? In that event, email can be sent to a relay host 
that will hold it until the destination host is available. 


This system is vital to the many networks that use dial-on-demand Internet 
service. Under this system the organization’s Internet router “calls” the 
ISP at specified intervals and email is exchanged between a local mail 
host and the ISP’s relay mail host. The router then disconnects and the 
work of getting the email to its ultimate destination is left with the ISP’s 
mail host. 


For example, my company’s mail server resides on a local Macintosh 
called smtp.scionnet.com. Whenever it is up, it contacts other mail hosts 
directly over my company’s full-time Internet feed. On the rare occasions 
when it is down, my ISP collects the email for us. The PSInet mail host we 
use is called relay.smtp.psi.net. 


It is the job of MacDNS to make this arrangement known to my com- 
pany’s hosts. In the Mail Exchangers field, I type: 


10 smtp.scionnet.com, 20 relay.smtp.psi-.net 
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In other words, the first choice for our domain’s MX host is smtp.scionnet 
.com; the second choice is relay.smtp.psi.net. The order of preference is 
determined by the priority “10,” which is lower than that of the other 
host's “20.” This is an important rule: The ower the number the higher the 


priority. 
Mail Exchangers: | 10 smtp scionnet.com, 20 relay smtp.psi.net 
(enter pref value 
& host name) 


What you actually use for a number is irrelevant, although it is wise to 
leave some numbers between them in case you choose to slip in a new 
MX host later. For instance, because I have used the priority numbers of 
“10” and “20,” my company can easily deploy another MX host at prior- 
ity “15.” If I had used “1” and “2” instead, this would not be possible. 


There is one more use for the MX record. In the MacDNS program you 
can designate computers that need mail exchange service only (and no 
other Internet services) as MX-only hosts. This is useful when you do not 
want to map your domain name itself to an actual host computer. 
Instead, you use the domain name as the MX-only host and the name of 
your local mail host as the mail exchanger. Create this type of record by 
choosing the Add MX-Only Host command from Hosts menu bar item. 


MH-Only Host information 


Host Name: 


Time to Live: 


Mail Exchangers: |10 smtp.scionnet.com, 20 relay .smtp.psi.net 
(enter pref value 
and host name) 


Enter the data as you would for a permanent host record, minus the IP 
address and alias information. Press OK when you have finished. 


==>. scionnet. SS _ 2m 


www .scionnet.com. 


scionnet.com. 
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Load-Balancing, Round Robin, and RAICs 


If a service is used heavily on your network, you may wish to distribute 
the workload across multiple servers. MacDNS permits you to do this by 
establishing load-sharing groups composed of several hosts within its zone. 
When so configured, MacDNS will return the address of one host out of a 
group sequentially whenever it is queried for the name of that group. 


For example, I might set up three Macintosh computers to act as identical 
Web servers on my network, and then assign a name to this server group. 
When queried, MacDNS will respond with the IP of one the three hosts in 
what is referred to as round-robin. This effectively creates a Redundant 
Array of Independent Computers (RAIC) system capable of supporting as 
much as three times the traffic handled by a stand-alone server. 


www.scionnet.com? 


FIGURE 11-10: MacDNS and the RAIC. 


To create a RAIC, I might begin by entering each host in MacDNS as 
“www Lscionnet.com,” “www2.scionnet.com,” and “www3.scionnet 
.com.” Once I have established the DNS entries for each host, I click on 
the Host Name column heading so that they are all listed sequentially. 
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Rat = scionnet.com. 
11:33:32 AM 38.247 .58.10 www t sctonnet.com. 


Perm 


Perm 2 08:41 PM 38.247.38.11 www2.scionnet.com. 
Perm 2:11:06 PM 38.247 38.12 www scionnet.com. 


Next, I highlight them in the Zone List window while holding down the 
Shift key. Then I choose the Share Load command from the Hosts menu 
bar item. Doing this will open the Load-Shared Host Information dialog 
box. 


Names of hosts to | www scionnet.com. 
share the load: | www2.scionnet.com. 


www3.scionnet.com. 


Time to live for 


the shared host: fi S| 


Here I type the name of the load-sharing group, “www.scionnet.com,” in 
the Shared hostname field. When configuring load-sharing groups, you 
generally want to set the Time To Live setting to just a few seconds. This 
prevents the information about any one host from being kept too long in 
the cache of any remote name server, which would defeat the round 
robin mechanism. 


I press the OK button to complete the process, and a new listing is 
entered in the Zone List window. 


www .scionnet.com. 


www2.scionnet.com. 
www3 scionnet.com. 


2:08:41 PM 39.247.56.11 
2:11 06 PM 39.247.58.12 
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Problems occur when one of the servers in a load-sharing group is down. 
When this happens, you should remove the hostname from the group 
temporarily so that queries are not routed to that computer. To do this, 
select the hostname in the Zone List window, then select the Disable 
Sharing command from the Hosts menu bar item. 


SS scionnet. 0. Sam: 


Last Used P Address Host Name 


4 : 8. ‘ftp.scionnet.com. 


scionnet.com. 

www .scicennet.com. 
38.247.58.10 www 1 .scionnet.com. 
38.247.38.11 % www2.scionnet.com. 
38.247 .58.12 www .scionnet.com. 


The disabled computer will be listed with an “X” next to its hostname. It 
is still part of the load-sharing group, but MacDNS will no longer return 
an address for that host when the load-sharing group name is queried. 
MacDNS will respond with the proper information if the request is for the 
host itself (e.g, www2.scionnet.com instead of just www.scionnet.com). 


To return the hostname to service, simply reverse the process and select 
Enable Sharing under the Hosts menu bar item. 


IP Address-to-Hostname Mapping 


At this point you should have a good idea of how hostname-to-IP address 
mapping works, but what about the reverse: IP address-to-hostname map- 


ping? 


A special Internet domain name is set aside for just this purpose: in- 
addr.arpa. Domains here are represented by network numbers in reverse. 
For example, the in-addr.arpa domain for my company’s network at 38. 
247.58.0 is 58.247.38.in-addr.arpa. Just as a name server is responsible for 
the hostname-to-IP address mappings within its ZOA, it is usually also 
charged with the IP address-to-hostname mappings in this reverse domain. 


Confused? That’s okay. One of the nice things about MacDNS is that it 
automatically maintains reverse domains for you. Unlike with some other 
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applications, you do not need to create a separate zone file for your in- 
addr.arpa domain and keep it synchronized. 


There is one small catch. When MacDNS is serving multiple zones in 
which two or more permanent host entries are mapped to the same IP 
address, it searches for the first matching hostname associated with the IP 
address (starting in the zone that was opened first) and returns that to a 
reverse domain query. For example, where the hosts www.scionnet.com 
and www.trdell.com both have the IP address of 38.247.58.10, a reverse 
domain name lookup will return whichever hostname is in the Zone List 
that was opened first. In my company’s case this is www.scionnet.com. 


Test the Name Server 


Once you think you have your name server set up the way you want it, 
you should test the installation with a ping utility. My favorite is OTTool 
from Neon Software (http://www.neon.com). Similar to MacPing 
(which you can use on MacTCP machines), it is Open Transport-friendly, 
feature-packed, and free! (You can register by emailing your name, com- 
pany name, address, and phone number to ottool@noen.com.) 
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Display MX Host Info 
Provide Zone List 

Show Route to Host 

Send/Receive Packets from Host 
Resolve Host Name-to |P Address Mapping 


FIGURE 11-11: Neon Software’s OTTool. 


To test your MacDNS setup using this utility, copy it to a remote Macin- 
tosh that is running Open Transport somewhere on your network. Next, 
configure the Macintosh’s TCP/IP control panel to use your MacDNS 
Macintosh as its primary name server. 


Ll i ee ee 


38.247.58.4 
38.8.84.2 


Hame server addr.: 


res4.dns psi.net 


The OTTool Tests 


Now you may launch OTTool and perform five handy tests using the 
buttons in the lower right corner of the application’s main window. 
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DNS. This test will resolve the hostname-to-IP address mapping or IP 
address-to-hostname of a given host. Type in the hostname of a computer 
on your network and press the DNS button. If you have configured 
MacDNS correctly, it will respond with that host's IP address. 


1.12 


304.223 382475612 W 
500.150 : 235 .253.253.0 


500 - 510 } 38.247.58.255 
06.00.07.81 .46.bf : 38.247.58.1 


38.247.58.2 


; : 08.00.07.61 46.bf 
Total Zone Count: 


Local Zone Count: 


alle dell sotonnet.com aa 


Caos 


FIGURE 11-12: A DNS look-up. 


Scan. To review MacDNS’ entire zone table, type the hostname for the 
lowest numbered host on your network and press the Scan button. 


Scan Addresses 


Status: interrupted scan. 


FIGURE 11-13: A DNS database scan. 
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MX. To see the Mail Exchanger (MX) and Hardware Information 
(HINFO) resource records associated with a given host, type in the host- 
name and press the MX button. 


CPU Type: Macintosh-H1 

OS Type: MACOS 

Mail Exchange (Preference): 
smtp.scionnet.com. (10). 
retay.smtp. psi.net. (20) 


FIGURE 11-14: MX and HINFO. 


Ping. If your computer is unable to communicate with one of your net- 
work’s hosts, you can verify that it is on the network by typing in its host- 
name and pressing the Ping button. This will send a series of sonar-like 
packets to the host, which should respond in kind. 


Send — packets with 


interpacket delay waiting no more then. 
[t] second(s) forareply. 
Sent: 5 Recelved: 5 


., Roundtrip time (msec): 
Last: 126 flug: 134 
Min: 126. Mer: 160 


Trace. You can view the path network traffic is taking as it moves 
between your host and a remote host by typing the Internet host’s name 
and pressing the Trace button. 
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144ms 288.142 


FIGURE 11-15: A trace route. 


The information you can gather with OTTool can be helpful when it 
comes to network troubleshooting. 


Look Up Hosts with MacDNS 


OTTool should be set up on a remote computer so that it queries 
MacDNS and thereby permits you to double-check your work. Once you 
know MacDNS is properly configured, however, you can use MacDNS 
instead of OTTool or MacPing to look up basic information about other 
hosts. 


To do this, select the Look Up Host command from under the Window 
menu bar item. In the Look Up Host window that appears, type the name 
of the host you are looking for in the Host name field. Next, press the 
Look Up button. 
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:[ minemenemenmengemrmmamy Lok Up Host sister edbecestneammenveenncenl 


Host name: | trdell.scionnet.com 


Status: Idle... 


trdell.scionnet.com. 86400 IN A 38.247.58.4 
MX 10 smtp. socionnet .com. 

MX 20 reley.smtp.psi.net. 

HIKFO ‘Macintosh-Powerbook’ ‘MACOS’ 


FIGURE 11-16: Look Up Host from MacDNS. 


MacDNS will look in its own database first, then query a parent server 
should this fail to provide a hostname-to-IP address mapping. 


MONITORING MACDNS 


Once you have MacDNS set up, it is quite self-sufficient. Nevertheless, 
there are a few things you can do to monitor its day-to-day operations. 


View the Message Log 


MacDNS tracks significant events in its Message Log window. If it is not 
open already, you can view it by choosing the Message Log command 
from under the Window menu bar item. 
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6 
6 
6: 
6: 
6 
6 
6 


6: 


Pit Starting up MacDHS at IP address 38.247 .58.2 
PH Opening zone file ‘scionnet.com. ' 

PH Successfully read 25 lines. 

Pil Successfully read 6 entries. 

PH Opening zone file ‘trdell.com.' 

Pil Successfully read & lines. 

PU Successfully read 2 entries. 

PH Received query for unknown host in our domain: 


(nt. scionnet .com. ). 

6/7/97 6:11:39 Pil Received query for unknown host in our domain: 
(at .scionnet .com.scionnet.com.). 

6/7/97 6:11:39 PH Received query for unknown host in our domain: 
(nt. scionnet .com.trdell.com.). 


Ley thre tele 


Critical 


Ld [rpite ryt 


Detailed 
Microscopic 


FIGURE 11-17: The Message Log window. 


The pop-up menu in the lower left controls four levels of detail. Critical 
displays only significant changes or errors. Important displays critical 
messages as well as erroneous queries, low MacDNS memory, and a few 
others. Detailed, in addition to all critical and important messages, dis- 
plays a one-line summary of every request that is processed as well as 
time-outs for entries in the MacDNS cache. Microscopic displays all pos- 
sible messages in the greatest detail. This setting is useful in debugging. 


All information displayed here is also recorded in a text file that is auto- 
matically created in the same folder that contains the MacDNS applica- 


tion. 
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= MacDNS™ Log File 6/7/97? == 


6/7/97 10:11:10 AM Starting up MacDNS at IP address 38.247.58.2 
6/7/97 10:11:15 4M Warning: No parent servers are configured. 
6/7/97 10:40:31 AM Creating new zone ‘scionnet.com.’ 

6/7/97 12:32:14 PM Creating new zone ‘trdell.com.’ 

6/7/97 3:24:03 PM Shutting down MacDNs. 

6/7/97 4:18:01 PM Starting up MacDNS at IP address 38.247.58.2 
6/7/97 4:18:07 PM Opening zone file ‘scionnet.com.’ 


6/7/97 4:18:08 PM Successfully read 19 lines. 

6/7/97 4:18:08 PM Successfully read 2 entries. 

6/7/97 4:18:09 PM Opening zone file ‘trdell.com. 

6/7/97 4:18:09 PM Successfully read 6 lines. 

6/7/97 4:18:09 PM Successfully read 1 entries. 

6/7/97 5:00:51 PM Received query for unknown host in our domain: (dns 1.scionnet.com.). 
6/7/97 5:00:51 PM Received query for unknown host in our domain: 


FIGURE 11-18: MacDNS creates text file logs daily. 


View Server Statistics 


In addition to the data recorded automatically in the Message Log win- 
dow, you can also direct MacDNS to display some specific server statis- 
tics. The commands for this are found under the Stats menu bar item. 


Show Query Counts 


If you choose the Show Query Counts command, MacDNS will present 
in the Message Log a summary count of all queries it has received from 
computers on your network. 
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6/8/97 12:04:13 PH MacDNS server up since: 9:29:12 Alt 6/6/97 
2:35:61 time since boot 
2:35:01 time since reset 

1 peckets received 
i responses sent 
unknown query types 
A queries 
NS queries 
CNAME queries 
SOA queries 
WKS queries 
PTR queries 


0 
1 
0 
0 
0 
0 
0 
0 
0 
0 


MacTCP queries 


eo 
[log threshold: | Deteied ww] SSOSOSSSSCCTCTCTTTTTCTTTTS—CS 


FIGURE 11-19: Query counts. 


The types of queries listed refer to the following types of resource 
records: 
Unknown. MacDNS has no idea what these queries were about. 


A (Address). The same as a MacDNS permanent host record. This is a 
simple hostname-to-IP address mapping. 


NS (Name Server). This record lists the domain name servers in a 
given domain. 


CNAME (Canonical Name). This record lets you define an alias for 
an actual (canonical) hostname stored elsewhere in an A record of the 
Hosts file. 


SOA (Start of Authority). This record tells other domain name serv- 
ers which is authoritative for a given domain. 


WKS (Well Known Services). This record reports what services are 
running on a given host (e.g., FTP, Telnet, etc.). 


PTR (Pointer). This record is used in reverse domain name mapping. 


MX (Mail Exchanger). This record points to the hosts that can accept 
email for a given domain. 


MacTCP. This denotes a query from a MacTCP resolver. 


Chapter 11: MacDNS «601 
Show Requesters 


If you choose the Show Requesters command, MacDNS will show you 
the IP addresses of all computers that have requested information. 


6/8/97 12:05:14 PH MecDNS server up since: 9:29:12 AM 6/8/97 
Requester's IP addr No. requests 
1 


2.247 .58.4 


6/8/97 12:05:38 PM MeacDNS server up since: 9:29:12 AM 6/8/97 
2:36:26 time since boot 


Log Uweshold:| Detailed ww) SSCS 


FIGURE 11-20: Requesters. 


Trap Packets 


The Message Log can help you identify problems, but additional tools are 
needed to actually troubleshoot them. One of the best ways to trouble- 
shoot network communications is to watch the contents of packets going 
to and from affected computers using a packet sniffer, such as Neon Soft- 
ware’s EtherPeek or AG Group’s NetMinder Ethernet. While MacDNS 
cannot compete with these commercial products, it does have a handy 
trap feature that can track and display the contents of certain packets 
moving between a host and the name server. 


To use this feature, choose the Trap Packets command from under the 
Stats menu bar item. In the Trap Packets dialog box that appears, enter 
the number of packets you wish to examine in the Trap the next field, up 
to 100. Enter the IP address of the requester computer in the from IP 
address field, or leave the field blank if you want to trap packets from all 
requesting IP addresses. Enter a hostname for the DNS query in the for 
DNS name field, or again, leave the field blank to capture packets for 
many queries. Finally, press the OK button. 
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6/8/97 9: 29: 20 att secent fils fead 2 mente t 
6/8/97 10:07:40 AM Trapping 100 peckets from IP address 38.247.58.4 i 
6/8/97 10:08:29 AM Name is ‘www.apnet.com.’, type | 
6/8/97 10:08:30 Alf Trapped packet from 38.247.58.4: 
6/8/97 10:08:30 AM ID: 0x0001 QR: 0 OP: 0 AA: O TC: O RD: 1 BA: 
0 2: 0 RCODE: 0 
QDCount: 1 ANCount: 0 WNScount: 0 ARCount: 0 
6/8/97 10:06:30 At # 
0000: 00 O01 01 60 60 O01 O00 00 00 O00 O00 00 03: 77:7777~—~Oi«..... eR 15 
0010: 0S 61 70 6E 65 74 03 63 6F 6D 00 00 01 00 O01 “apnet .c com..... A 


6/8/97 10:08:30 AM Sent response to 38.247.58.4: lookup took 24 ticks. de 
6/8/97 10:08:30 AM Trapped response packet to 38.247.59.4;..--.--....-- -——. ~~ Mi 
6/8797 10:08:30 AN ID: Ox0001 QR: | OP: O AA: O TC: O RD: 1 RA: fi: 
0 2: 0 £RCODE: 0 
QDCount: 1 ANCount: 1 NSCount: 0 ARCount: 0 
6/8/97 10:08:30 AN 
ao00: 00 O01 81 00 00 01 00 O1 00 00 00 00 03 7777 77 oo... een. wwe |. 
0010: 05 61 70 6E 65 74 03 63 6F 6D 00 00 01 00 01 CO .apnet.com...... — 
0020: 0¢ 00 01 00 O01 00 01 4A 76 00 04 CO D7? 34:03 (i... Jz... .4. + 


Se 


FIGURE 11-21: Trapped packets displayed. 


The Message Log window will now display various result codes for the 
trapped packets, along with the data in those packets. Of all the messages 
displayed, the ones I find most useful are: 


ID. This identifier is assigned by an application when it generates a 
query. It is duplicated in the corresponding reply so that it can be used 
by the requester to match up replies with outstanding queries. 


OR. This indicates either a query (0) or a response (1). 


OP. This specifies the kind of query in a message. It is created by the 
originator of the query and duplicated in the response. A value of 0 
denotes a standard query (QUERY). A value of 1 denotes an inverse 
query (IQUERY). A value of 2 denotes a server status request (STA- 
TUS). 


RCODE. This, the Response Code, is a response value. A 0 denotes no 
error. A 1 indicates a format error—the name server was unable to 
interpret the query as a result. A 2 indicates a server failure—the name 
server was unable to process the query because of a problem within 
the name server. A 3 indicates a name error, meaningful only in 
responses from authoritative name servers—it indicates that the 
domain name referred to in the query does not exist. A 4 means not 
implemented—the name server does not support the kind of query 
that was requested. A 5 means refused—the name server refuses to 
perform an operation because it has been programmed not to. 
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6/8/97 10:07:40 AM Trapping 100 packets from IP address 38.247.58.4 
6/8/97 10:08:29 AM Name is ‘www.apnet.com.’, type 1 
6/8/97 10:08:30 AM Trapnrd nankas from 3A2A7 AA 4 


QDCount: | ANCount:0 NSCount:0 ARCount: 0 
6/8/97 10:08:30 AM Query 


0000: 000101 00 00 01 00 00 00 00 00 00 03 77 77 77 
0010: 05 61 70 GE 65 74 03 65 6F 6D 00 00 01 00 01 


6/8/97 10:08:30 AM Sent response to 38.247.58.4: lookup took 24 ticks. 
6/8/97 10:08:30 AM Trapped response packet to 38.247.58.4: 


6/8/97 10:08:30 AM Cp. Ox00g GR: DEP.) AA:0 TC:0 RD:1 RA:O Zz: OCRCODE: Of 


QDCount: 1 ANCount: 1 NSCount:0 ARCount: 0 


6/8/97 10:08:30 AM ») [- Response 
0000: 00 01 81 00 00 01 00 01 00 00 00 00 03 77 77 77 i 


FIGURE 11-22: Codes in Trapped Packet. 


View the Cache 


As I explained earlier, when MacDNS receives information from a parent 
server it stores it in a cache for a specific length of time. To view the infor- 
mation in the cache, choose the Cached Hosts command under the Win- 
dow menu bar item. 
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Cached Hosts 


6:11:26 PM 157.22.221.197 www .heon.com. 

6:11:26 PM 137.22.221.197 neon.com. 

6:24:16 PM 38.222.116.3 www .cie-cais.org. 
6:24:31 PM 157.22.252.152 www netfrontiers.com. 
6:24:37 PM 17.254.3.143 appleshareip.apple.com. 
6:24:57 PM 17.254.3.145 www .pplenet.epple.com. 
6:25:12 PM 204 73.73.12 www fallon.com. 
6:23:27 PM <i www pit.com. 

6:25:38 PM 204 .26.73.3 www ortental.com. 


FIGURE 11-23: Contents of the MacDNS cache. 


Entries are listed as several types. Most will be listed as Cached, and 
some will be listed as Negative, meaning that the parent server has 
reported that there is no such hostname. No Response (NoResp) entries are 
shown whenever MacDNS could not get a response from any parent 
server about a query. 


Double-clicking on an entry will open a Host Information dialog box for 
it, but no values within it can be changed. This is useful when you want 
to see what an entry’s TTL is. 


Host Infornetion.$_ ——SSssssSSS 


IP Address: [368.222.1163 | Time to Live: [85709 


PANEER EAERNAEEOT EEE LFEDESEED LEED OLDE OEDLEEE SEED LEDS OEDA EDINA ETINEEDE SEEDED LEEDEEEE SED E OED DEED AEEED IEEE OEE OED EMD MED MDD DEM ttbarr ate rdirrenththirhrartserrsErreneranerecnernneranee 


Aliases: 
(separate by 
commas) 


Mail Exchangers : 
{enter pref value 
& host name) 


FIGURE 11-24: Host information for a cached hostname. 
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SUMMARY 


MacDNS is bundled with AppleShare IP and can be used to map host- 
names with IP addresses throughout your network. It acts as a primary 
name server to multiple zones (domains) and is capable of providing 
zone transfers to secondary name servers. MacDNS does not provide 
recursive name service, but can be used in conjunction with parent serv- 
ers that do. 


RunShare 


AppleShare servers are commonplace in publishing and graphics 
firms. If you ask administrators if they have any complaints about 
their server, many will respond, “It could be faster on the net- 
work.” Considering that these people routinely copy and print 100- 
Mbyte or larger files over the network, you can understand their 
predicament. Fortunately, there is a solution from RUN, Inc., called 
RunShare. 


Think of RunShare as a network accelerator. Installing it on your 
server and workstations can significantly reduce the time it takes to 
transfer files between them without compression and with no 
threat to data integrity. It does not matter what your network’s 
physical configuration is, so long as it is running AppleTalk. Four- 
fold performance gains are typical on 10-Mbps Ethernet networks, 


607 


608 « AppleShare IP 


according to Run, with gains of more than five times possible over 100- 
Mbps Ethernet. You can achieve more than 50 Megabytes per minute on 
Ethernet and more than 100 Megabytes per minute on Fast Ethernet, Run 
claims, depending on the power of the computers on which the program 
has been installed. 


RunShare offers particular benefits to publishing users, as it reduces the 
time required to copy files between two Mac OS computers using the 
Finder and the time required to open or save files from desktop publish- 
ing applications over the network. It also accelerates the speed of work- 
station communications with print spoolers. 


This is somewhat expensive software. In a fast-paced production envi- 
ronment, however, the speed gains promised by RunShare are probably 
worth the investment. 


HOw RUNSHARE WORKS 


RunShare was designed around the idea that standard networks such as 
Ethernet are not inherently slow but are hampered by a bottleneck at the 
processor. They can deliver AppleTalk packets to the network only at a 
modest rate. RunShare overcomes this limitation by reducing the idle 
time between data packets. This does not change the data, so RunShare is 
compatible with all AppleTalk networking standards. It works with 
switches, bridges, and routers without modification. 


According to RUN, RunShare allows you to copy a file across the net- 
work as quickly as you can copy a file to a local hard drive. 
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INSTALLING RUNSHARE 


RunShare can be purchased in either a peer-to-peer or a client / server ver- 
sion. Both are transparent to the user except for a “running man” icon 
that replaces the cursor during a file transfer. RunShare is compatible 
with NuBus- and PCI-equipped Mac OS computers, with or without 
Open Transport. 


RunShare 


RunShare can be used to accelerate the speed of file transfers between 
workstations, and it can be used as the client to a special server version. 
In its peer-to-peer form, it works well with Personal File Sharing. 


RunShare Graphic Server Accelerator 


While the RunShare workstation software will handle only one request at 
a time, the server version can handle multiple simultaneous file transfer 
requests. This is the RunShare Graphic Server Accelerator (GSA) configu- 
ration, which can be purchased bundled with an Apple Workgroup 
Server. 


WORKING WITH RUNSHARE 


RunShare’s operations are controlled from a control panel. Press the 
Start/Stop button to enable or disable it. 
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SSS =] RunShare™ GSA" 2 PCI 


/ | i i Graphic Server Accelerator 
¥Fersion: 2.1.0 
soho HD cronsos ito. | aap ‘ 


Technology 


Status 
RunShare ts enabled. 
Click “Stop” to disable RunShare. 
Server status 
RunShare GSA is enabled. Click “Stop” to disable RunShare 
Options | GSA. | 


(stop _) (options) (About...) 


FIGURE 12-1: Viewing the RunShare control panel. 


Also in the control panel’s main window is an Options button. Press it to 
enable or disable some of RunShare’s specific capabilities. 


RunShare Options 


(4 Accelerate print servers 
Accelerate Finder's network copies 


(Accelerate application’s network 
operations (See reference manua}) 


a 


In order to improve file transfer time between the workstation and print 
spoolers, the Accelerate print spoolers checkbox must be selected. 


To speed up the Computer’s Finder copying operations, the Accelerate 
Finder's network copies checkbox must be selected. 


To reduce the time it takes for applications to open and save files over the 
network, enable the Accelerate application’s network operations check- 
box. 


You should not disable any of these except when troubleshooting. 
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SUMMARY 


RunShare can be described as a network accelerator. It makes file trans- 
fers between RunShare-equipped computers about four times as quickly 
as can conventional AppleTalk network transfers. This is particularly use- 
ful in publishing and production environments. 


Appendix 


Here is the contact information for the makers of products covered 
in this book. Some of these vendors have included demos and other 
information on this book’s accompanying CD-ROM. 

Adobe Systems, Inc. 


Developer of the Acrobat electronic publishing program and the 
Adobe Type Manager font management utility. 


e Voice: (800) 521-1976 
e URL: http:// www.adobe.com 


Ge Adobe Acrobat Reader with Adobe Type Manager on the CD. 
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Aladdin Systems, Inc. 
Developer of the Stuffit file compression utility. 


© Voice: (408) 761-6200 
e Email: sales@aladdinsys.com 


e URL: http: / /www.aladdinsys.com 


StuffIt Expander and DropStuff with Expander Enhancer on the CD. 


AP Professional 
The publisher of this book as well as others mentioned in the text: 


AppleScript Applications, by John Schettino and Liz O’Hara. ISBN: 0-12- 
623957-6. 


AppleTalk Network Services, by Dorian J. Cougias, Tom Dell, and E.L. 
Heiberger. ISBN: 0-12-192570-6. 


Claris Em@iler Companion, by Tom Dell. ISBN: 0-12-208865-4. 
Claris Home Page Companion, by Maria Langer. ISBN: 0-12-436565-5. 


Complete Guide to Macintosh Backup Management, Second Edition, by Dorian 
J. Cougias and Tom Dell. ISBN: 0-12-192562-5. 


Designing AppleTalk Network Architectures, by Dorian J. Cougias, Tom 
Dell, and E.L. Heiberger. ISBN: 0-12-192566-8. 


Managing AppleShare & Workgroup Servers, by Dorian J. Cougias and Tom 
Dell (out of print). 


Network and Internet Security, by Vijay Ahuja. ISBN: 0-12-045595-1. 


TCP/IP Clearly Explained, Second Edition, by Pete Loshin. ISBN: 0-12- 
455835-6. 


e Voice: (800) 3131-APP 
e Email: app@acad.com 


e URL: http:/ / www.apnet.com /approfessional 
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Apple Computer, Inc. 


Developer of the Mac OS, AppleShare, AppleShare IP, and the Apple 
Workgroup Server. 


e Voice: (800) 500-7078 


e URLs: http://appleshareip.apple.com, http://www.servers.apple. 
com 


ae White Paper and Data Sheets on the CD. 


Claris Corp. 


Developer of the Em@iler email client, FileMaker Pro database program, 
and Home Page HTML editor. 


e Voice: (408) 727-9054 
e URL: http://www.claris.com 


COPS, Inc. 
Developer of the COPSTalk AppleTalk protocol stack for PCs. 


° Voice: (770) 840-0810 
¢ Email: support@copstalk.com 


e URL: http:/ /www.copstalk.com 


- Trial version on the CD. 
Dantz Development Corp. 


Developer of the Retrospect network backup system. 


e Voice: (510) 253-3000 
e Email: sales@dantz.com 


e URL: http:/ /www.dantz.com 


Sa - Product information on the CD. 
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Dartmouth College/Jim Matthews 
Developer of the Fetch FTP client. 


e¢ Voice: (603) 646-1999 
¢ Email: jim.matthews@dartmouth.edu 
e URL: http:/ /www.dartmouth.edu/ pages /softdev /fetch.html 


Datawatch Corp. 


Developer of the netOctopus network management system and the Virex 
anti-virus application. 


e Voice: (508) 988-9700 
e URL: http: / / www.datawatch.com 


Product information on the CD. 


Entrophy Software/Greg Combs 
Developer of the Count WWebula counter CGI. 


e Email: grgcombs@kagi.com 
e URL: http:/ / www.io.com/~combs/htmls/counter.html 


Shareware on the CD. 


Farallon Computing, Inc. 
Developer of the Timbuktu Pro remote management application. 


© Voice: (510) 814-5000 
e Email: sales@farallon.com 


e URL: http://www.farallon.com 


Sa- Trial software on the CD. 
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Gopher/University of Minnesota 
Developer of the Gopher and TurboGopher Gopher clients. 


e¢ URL: http: / /www.shareware.com 


Graphic Converter/Thorsten Lemke 
Developer of the Graphic Converter file conversion utility. 


e Voice: +49-5171-72200 
e Email: lemkesoft@aol.com 
e URL: http:/ /www.goldinc.com /Lemke/gc.html 


Shareware on the CD. 


Hewlett Packard Co. 


Maker of the LaserJet and DeskJet printers. 


e Voice: (800) 752-0900 
e URL: http:/ / www.hp.com / peripherals /main.html 


Kitchen Sink Software, Inc./Eric Bush 


Developer of ServerStat HTTP logging utility. 


e Voice: (614) 891-2111 
e Email: sales@kitchen-sink.com 
e¢ URL: http: / /www.kitchen-sink.com/ss.html 


Shareware on the CD. 


Neon Software Inc. 


Developer of the LANsurveyor and OTTool network management appli- 
cations. 
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e Voice: (800) 334-NEON 
e Email: sales@neon.com 


e URL: http://www.neon.com 


ea- Trial software on the CD. 


Open Door Networks, Inc. 


Developer of the AFP Engage! utility, LogDoor HTTP logging utility and 
HomeDoor multidomain management application. 


e Voice: (541) 488-4127 
e Email: logdoor@opendoor.com 


e URL: http:/ /www.opendoor.com 


Sa» Trial software on the CD. 


Qualcomn,, Inc. 
Developer of the Eudora email client. 


¢ Voice: (800) 236-3672 
e Email: eudora-rep@eudora.com 


e URL: http:/ /www.eudora.com 


RUN, Inc. 


Developer of the RunShare and RunShare GSA network acceleration 
systems. 


e Voice: (800) 478-6929 
e Email: info@runusa.com 


e URL: http: //www.runshare.com 


Se Trial software on the CD. 
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Santorini Consulting and Design, Inc. 


Developer of the Server Manager and Server Tools server management 
utilities. 


° Voice: (800) 851-7824 


e Email: scdsupport@aol.com 


e URL: http:/ /www.santorinicd.com 


Server Manager and Server Tools on the CD. 


Scion Networks LLC 


Provider of consulting, training and publishing. 


e Voice: (415) 346-9200 
e Email: info@scionnet.com 


e URL: http:/ / www.scionnet.com. 


AppleShare administrator templates on the CD. 


StarNine Technologies, Inc. 


Developer of Mail*Link email gateways, WebSTAR HTTP server, and 
ListSTAR list server. 


e Voice: (800) 525-2580 
e Email: sales@starnine.com 


e URL: http:/ /www.starnine.com 


Trial software on the CD. 


Vicom Technology Ltd. 
Developer of the Vicom Internet Gateway application. 


e Voice: (800) 818-4266 
e Email: sales@vicomtech.com 


e URL: http:/ /www.vicomtech.com 
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Wave Research N.V. 


Developer of the FileWave network management and Asset Trustee 
asset management systems. 


e Voice: (888)-FILEWAVE 
e Email: sales@waveresearch.com 


e URL: http:/ /www.waveresearch.com 


i Product information on the CD. 


Note: All product names are trademarks or registered trademarks of their 
respective holders. 
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LIMITED WARRANTY AND DISCLAIMER OF LIABILITY 
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DUCTION OF THE ACCOMPANYING CODE (“THE PRODUCT”) CANNOT AND DO NOT WARRANT THE 
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ING NEGLIGENCE), WILL AP OR ANYONE WHO HAS BEEN INVOLVED IN THE CREATION OR PRO- 
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A Fresh Approach to AppleShare 


With the introduction of AppleShare IP 5.0 in the summer of 1997, 
Apple radically retooled its original AppleShare product aimed at small 
Macintosh workgroups. Now designed with world-reaching capabilities, 
the release includes a file server, Web server, print server, email server, and 
~ DNS server, all based on the non-proprietary language of the Internet 
TCP/IP. This greatly extends the product's potential within the enterprise 
as it can now support PCs and UNIX computers natively. However, the 
huge leap in functionality means that AppleShare IP 5.0 has become 
more complicated, presenting a management challenge to even seasoned 
Macintosh administrators. 


What This Book Can Do for You 


AppleShare IP is designed to give Macintosh administrators all the 
information needed to properly deploy and manage AppleShare IP, 
Macintosh servers, and AppleShare IP clients. It teaches readers how to: 


@ Deploy AppleShare IP’s file, 
Web, email, print, and DNS 


servers properly 


Optimize AppleShare [P and 


@ Migrate from System 7 to Mac 


OS 8 access privilege schemes 


@ Improve server security with 
Dantz’s Retrospect and 


the Apple Workgroup Server Santorini’s Server 
performance Manager/Server Tools 
@ Work with protocols such as @ Add functionality and improve 
AFP FTP HTTP SMTP, PAP performance with Open Door 
and TCP Network's HomeDoor and 
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